Diversity works. It’s good for every industry. Dozens of research studies show that a diverse workforce is more innovative and creative.
Our information security industry depends, perhaps more than any other industry, on innovation and fresh perspectives. But we’re not diverse, as far as gender is concerned. Only 11% of the global information security workforce is made up of women, and in the UK, this figures decline to only 8%.
Women aren’t entering the sector, and, if they do, they’re leaving quickly. Our sector is limiting itself by its inability to attract and retain women. And, with more than 1 million unfilled cybersecurity jobs worldwide and cybercrime becoming more sophisticated and widespread, we must change.
Organisations with women in leadership outperform their competitors, and the tipping point to change leadership dynamics – and organisational culture – is three or more women on the executive board. Yes, there are women in leadership positions. Think Angela Sasse, Head of Information Security Research at UCL; think Carmina Lees, VP Security at IBM. But women in leadership roles are rare.
The reason for underrepresentation at every level is complex. There’s:
Rethinking recruitment and retention
Attracting and retaining women workers should not be a piecemeal process, but a sustained, deliberate programme to transform perceptions and culture. It might be beyond our powers to normalise technology for girls in schools and dissolve the gender-biased messages that both girls and boys receive from babyhood. But we can act on what’s within our own locus of control. Many companies are examining every aspect of the organisational design to improve their gender balance.
Five steps to a more diverse workforce
1. Explain our sector properly
Employers like Raytheon have focussed on myth-busting to make the engineering sector more attractive to women. The infosecurity sector could do the same to alter perceptions. For instance, it’s not a new sector for women; a recent study showed that nearly 40% of women respondents had been working in the field for 10 or more years.
2. Widen the talent pool
The same study showed that fewer than 50% of the women respondents entered the sector from computer science or IT. Many had come from psychology, compliance, audit, sales and entrepreneurship. Infosec recruiters who look beyond STEM will find a more diverse talent pool.
3. Stay with the programme
McKinsey research suggests that the most effective practices for increasing women’s representation at every level are:
4. Introduce return-to-work programmes
IBM, for example, supports women returners through its Tech Re-Entry Program, which brings returners up to speed before launching them back into the workplace.
5. Link to support networks
Support networks are an effective mechanism for exchanging information, increasing collaboration and fostering a sense of belonging. Networks like the AnitaB.org or Women’s Security Society (also open to men) aim to help women flourish and are sponsored by, and partner with, a range of infosec organisations.
Diversity is good for all of us. If we break down the barriers to true gender balance, we’ll enrich our sector with more talent, more innovation and an increased ability to take on all the challenges of the future.
Networks and support:
Wale Omolere is an experienced Cyber Security instructor and practitioner with over 18 years’ experience working in Consulting, Oil & Gas, Telecommunication, Automobile, Asset & Wealth Management. He has a background in computer science, coupled with direct experience in all types of computing and networking platforms. He provides Cyber security advisory services to business, as well as hands-on management of IT systems, projects, and operations. He has led the deployment of various cyber security technologies, developing processes for managing and monitoring security incidents.