Tackling the cyber security gender imbalance

Women are underrepresented in the global cyber security profession, even though women matter in cyber security because of the way they view and deal with risk.
Read time 4min 40sec

There is no doubt there is a shortage of cyber security professionals around the globe, which is somewhat problematic, considering that cyber attacks are among the top 10 mostly likely risks to occur (and have far-reaching impact), according to the World Economic Forum’s 2020 Global Risks Report.

Global cyber security skills shortages have now surpassed 4.07 million, according to the (ISC)², an international association for information security leaders. What’s more, the requirement for sector experts is expected to grow daily.

Dig a little deeper into the numbers, and you’ll see that it’s not just about how many cyber security professionals we need, but also about how that industry is skewed towards males.

I’ve written before about how cyber security as a profession can help alleviate poverty, and nowhere is this more true than when it comes to female professionals being elevated out of stereotypes and into positions where they can earn a good living, while making a notable contribution to society. As my good friend Jane Frankland says in her book “Insecurity”: “Women matter in cyber security because of the way they view and deal with risk.”

According to the (ISC), cyber security professionals are more than twice as likely to be male, meaning there is an under-tapped demographic available for recruiting if companies can position the role in a way that overcomes common misconceptions. .

This startling – to me anyway – statistic is contained in its Cyber Security Workforce Study, 2019 – the latest available research on what the global cyber security sector looks like. It states that, among respondents with security-specific titles, 23% were women. The highest percentage of women cyber security professionals came from Latin America (39%) and North America (34%). And that’s based on online survey data collected in June and July 2019 from 3 237 individuals responsible for security/cyber security at work throughout North America, Europe, Latin America and Asia-Pacific.

Globally, men are four times more likely to hold cyber security C-suite and executive level positions.

Although outdated, a PwC report from 2017 investigates gender imbalances more closely. The 2017 Global Information Security Workforce Study: Women in Cyber Security demonstrated there is much to do when it comes to female representation in cyber security.

Globally, men are four times more likely to hold cyber security C-suite and executive level positions, and nine times more likely to hold managerial positions than women, it found.

Other glaring findings include:

  • Women are underrepresented in the global cyber security profession, at 11% – much lower than the representation of women in the overall global workforce.
  • 51% of women report various forms of discrimination in the cyber security workforce.
  • In 2016, women in cyber security earned less than men at every level.
  • Women who feel valued in the workplace have also benefitted from leadership development programmes in greater numbers than women who feel undervalued.

Making a difference

There are, however, ways in which we can encourage more women to join the sector: through making skills development programmes available that specifically target those who are marginalised and valuing the women we do have in our teams.

I am exceptionally fortunate to work with some amazing women in my team. That’s why I am very pleased to see that two female colleagues made the Top 50 Women in Cyber Security Africa list. This accolade recognises women in cyber security in Africa who are making significant contributions to the industry and profession across the continent.

The list is compiled in collaboration with the Women in Security & Resilience Alliance , a sub-network of the Security Partners’ Forum. Other objectives of the recognition include creating and/or shedding light on female role models; giving more attention to the women in cyber security agenda at the continental level; fostering women’s voices and influence in cyber security in Africa; boosting women’s profile for career and professional growth; and starting a culture of awards in cyber security in Africa.

The inaugural accolade attracted more than 300 submissions from over 10 African countries. The most represented countries in the nominations and finalists were South Africa, Nigeria, Kenya and Tunisia, in that order.

Ina Steyn, our head of resilience and cyber security awareness, has been an amazing mentor to many of our young women in the organisation, guiding them along the way in their passion for cyber security. This led Ina to lead the creation of our "Women in Engineering Services" programme, which looks at empowering our woman in our technology, risk and security functions. Her passion for learning as well as developing others is phenomenal, and she is definitely a leader who I am very lucky to have on my team.

Ronnel Moodley, our lead security consultant, has inspired our team through her leadership, where she influences both technical and non-technical professionals worldwide. She is driven, proactive, and her passion for cyber security is profoundly inspiring. Her secret is a gift in explaining complex topics in a clear and simplified way, and when combined with her enthusiastic approach, triggers curiosity and inspires action.

Without the support of these amazing women, and many others, my role would be much more complicated. This diversity drives problem solving and productivity.

Sandro Bucchianeri

Absa group chief security officer

Sandro Bucchianeri is Absa group chief security officer. He grew up in the Cape Flats and, unlike many children from that area, had the opportunity later to study and work abroad. He has worked in the UK and the US, and travelled to over 50 countries across the globe in his role as a security consultant before joining Absa in 2017.

Bucchianeri has more than two decades of experience in the field of security information protection. Previous roles include group chief security officer at National Bank of Abu Dhabi and chief information security officer at Investec PLC. Earlier, Bucchianeri was CSO and global head of consulting at Sysnet Global Solutions.

He is a keen supporter of new business ventures, and is passionate about making a contribution to uplifting communities. He led Absa’s efforts in establishing the Absa Cyber Security Academy – a partnership with Maharishi Institute.

Bucchianeri is a member of a number of boards, including the Payment Card Industry Security Standards Council advisory board, which also comprises representatives of Amazon, PayPal, Microsoft and Wal-Mart.

He has several international certifications in risk management and cyber security, in addition to a Masters Degree in Information Security from Royal Holloway University of London.

See also