Lack of women representation in cyber-security sector
Share this article:
WOMEN made up only about 20 percent of the cybersecurity workforce while one of the top pain points for chief information security officers was the shortage of security skills, security awareness training and simulated phishing platform provider KnowBe4 Africa said yesterday.
The firm’s managing director, Anna Collard, said there were four million IT security vacancies, which were expected to reach 10 million by 2023, yet a mere 1 percent of cybersecurity senior management were women.
According to research by the University of North Carolina Professor of Management Dr Nir Kshetri, women made up only 9 percent of the security workforce in Africa. The situation was worse elswhere, as women comprised only 7 percent of the security workforce in Europe, 5 percent in the Middle East, and 8 percent in Latin America.
Collard said that women used the internet less than men in Africa, and women of colour were more likely to be targeted by hate speech online.
“If you are a woman in the public domain, especially if you are a journalist, you are more likely to be harassed online than men. This situation is complex and unpleasant and very likely contributes to the lack of diversity in the technology space,” Collard said.
KnowBe4 Africa said there was a need for every part of the technology sector to overcome its inherent bias and to focus on diversity.
Collard said there was a need to find ways of minimising the risks and complexities that came with women entering the industry. For the cybersecurity sector, this lack of representation also represented an opportunity, one where the skills gap could be addressed at the same time as the lack of diversity.
“You need different ways of thinking to really deliver next-level problem solving,” said Collard. “In this industry, teams have to think outside the box, because this is how the criminals think. It helps to have input and perspectives from different people across different age groups, nationalities, cultures, races and genders. Inclusive and diverse teams are going to be more likely to find unusual or unexpected solutions than those that are made up of the same people from the same background.”
The (ISC)² published the “Innovation Through Inclusion: The Multicultural Cybersecurity Workforce” report that examined diversity in the cybersecurity workplace across 9 500 US cybersecurity professionals. The report found that minority women were more likely to hold non-managerial positions and experience pay discrepancies.
The report did more than highlight the unpleasant realities of diversity within the profession; it also found that organisations that had diverse leadership teams saw better revenue, benefited from a better culture and saw a significant improvement in security posture.
Collard said this situation needed to change immediately. “This can be done through mentoring programmes that use women to train women, creating spaces that are exciting for women to enter rather than exclusive and intimidating. It can also be improved at the education level by offering cybersecurity as a subject and making it more accessible for all genders, cultures and races,” said Collard.
In South Africa, a public-private sector initiative called Gov-X Innovation Challenge sought to incentivise youth to come up with new ideas and approaches to help the government (the national CSIRT “Cyberhub”) tackle issues such as improving incident response, and community awareness of and tactic to curb online gender-based violence.
BUSINESS REPORT ONLINE