Editorial

Women in cybersecurity believe equality will take at least a decade

Better support and career progression, and becoming less of a ‘boys club’, will have the most positive impact, finds CIISec survey

Posted 4 March 2021 by Christine Horton


New research shows 57 percent of women working in the industry believe it will take at least a decade for them to be treated as equals to men, with 20 percent believing it will ‘never happen’.

However, women are clear on what is needed to address the issues; 56 percent say better support and career progression, 49 percent say the industry needs to be less of a “boys only club” and 47 percent say more women in the industry would make a positive impact.

The research also shows women are struggling to progress both due to the status quo of the industry and not getting the required support. Almost half (47 percent) have experienced or observed blatant sexism that was not disciplined. Meanwhile, half (50 percent) say they feel they lack the necessary skills to progress to a new role and 61 percent say a lack of confidence in their own abilities is holding them back.  

The Chartered Institute of Information Security (CIISec), which conducted the research, described the state of diversity within the cybersecurity industry as “worrying”.

“There’s no question that the cyber security industry must become more diverse. This isn’t only a matter of creating a more inclusive and fairer world. Without greater diversity and inclusion, the industry risks stagnating,” said Amanda Finch, CEO of CIISec.

“Organisations need to work together to eradicate the “boys only club” culture cyber security has built up over the years. As an industry facing a skills shortage, it can’t afford to drive away valuable new blood that could bring fresh new ideas. We need to encourage a new generation of talent into the industry and give women better support; both to help them progress, and so they want to stay in their careers.”

Issues to be addressed

The survey shows there are some perennial issues that must be addressed:

  • 42 percent of women have experienced a lack of career progression (e.g., being passed over for promotion).
  • 46 percent say they have been paid noticeably less than men doing the same job.
  • Nearly half (48 percent) of women say that they feel unwelcome in a “boys only club”.
  • More than half (51 percent) have experienced being the only woman in the organisation.
Amanda Finch, CEO of CIISec

When asked what was most important to them when considering a role in cybersecurity, 63 percent say the opportunity to learn new things, 57 percent say work-life balance, 54 percent say career progression and 46 percent say the challenge of the role.

“Addressing the diversity issue isn’t a quick overnight fix,” said Finch. “We need to dig deep into the underlying issues and address them from the ground up to really put this right. Understanding exactly what women are experiencing and need are just the first steps to help make a change.

“We need to offer clear paths to progression through frameworks and ongoing training. We need to break down barriers and demonstrate the varied roles and career paths within the industry. Doing this will help make a real difference in encouraging women into the industry, bringing with them the new skills we so desperately need to fight against the changing threat landscape.”