Lack of gender diversity in the global cybersecurity workforce

Within the cybersecurity workforce, females are severely underrepresented. A mere 10% of the global cyber-security workforce is made up of women. This gender difference is reflected through other statistics, which show that only 26% of IT professionals worldwide are females, as well as only 9% of UK engineers.

A new report was produced by CREST, where the issue of diversity in the workplace was explored. It collected data from its 2016 Diversity Workshop which involved individuals in industry, government and academia.

It was discovered that there was a severe gap between the amount of female and male computer science students in universities in the UK. A recent study discovered that 18% of computer science degrees are achieved by females, compared to a disproportionate 82% by males. The report argues this is due to female perception, as they believed the sector was male dominated. This discouraged them from applying to the course.

The results of this study can be used to explain the gap in the industry. Many females choose not to work in this sector as they associate the industry with being a ‘man’s world’. However, this is far from reality. Most attendees admitted that they had never experienced sexism or inhospitality to women.

Tackling diversity in the IT workforce

One attendee declared that these problems could be solved through doubling the sector of people that the industry recruits from. Several attendees believed that women were deterred from applying due to the misconception that individuals must be technical in order to work in the industry.

It was suggested that other skills should be publicised as well, other than just those that are technical. The attendees thought of different ideas which would help to encourage more women to apply for roles within these sectors. Primarily education was considered, as it is more likely that females would want to join this career sector if they were influenced earlier on in life.

Furthermore, the sector should be publicised in a different manner, which would entice both genders. The industry should be portrayed as gender-neutral. Moreover, it was suggested that positive female role models should be created. These role models would help to promote a positive image of the career.

In addition, some attendees stated that women should be financially supported throughout the course, through offering loans.

One attendee believed that the media must be utilised, such as TV, radio campaigns and social media messages. This would help to reach the masses.

Consequences of diversifying the workplace

One attendee stated that “Increasing the number of women in cybersecurity is not simply for diversity’s sake, but for the sake of the industry.” By taking people from the same background similar approaches and ideas will be generated. In order to gain more original and innovative responses it is important to diversify.

Ian Glover, President of CREST commented that “The workshop was a resounding success and addressed many of the issues preventing gender diversity in cybersecurity. These discussions are useless if we do not act and the findings will be used for all future projects.”


Edited from press release by Ruby Arenson.