A new study has revealed that women hold only 10 percent of board positions and 16 percent of management positions within the world’s leading cybersecurity companies.
The study was carried out by cybersecurity specialists Eskenzi PR and Marketing, and looked at the websites of 138 companies from the Cybersecurity Ventures Hot 150 to understand the ratio between males and females in senior positions. It uncovered that out of 609 board positions, only 60 are taken up by females, while out of 1700 management positions only 271 are taken up by women. This highlights a major gap in the industry where companies could be missing out on the specialist skills women can bring to cybersecurity.
“I have worked in cybersecurity for over 25 years and watched it evolve throughout this time, but one thing that hasn’t changed is that the industry is still swarming with men. The industry needs more women in driving seats and companies need to understand the traits women can bring to security roles to improve our overall defences. Today is International Women’s Day and I want our study to stand as a call to action for cybersecurity companies to make a conscious effort to recruit more women and encourage more women to get involved in this fast-paced and exciting industry,” said Yvonne Eskenzi, director and co-founder of Eskenzi PR and Marketing.
The study also looked at the types of management roles women hold within cybersecurity organisations and it revealed that the majority hold senior roles in either marketing or HR. There were only eight female CEO positions held and only one security company has an entirely female management team, compared to 19 companies that have entirely male management teams.
“The challenges facing our society related to cybersecurity threats are pervasive and will only get worse. We need talent not just from 50% of the population (men), we need talent from 100% of the population to tackle these complex problems. We need women at the Board level and at the Leadership/Management level because we experience the world differently than men and that experience is valuable in problem solving. We need a broader lens on these problems and that can only happen when women are at these elevated positions,” said Vanessa Pegueros, chief trust and security officer at OneLogin.
AI to address industry bias
“While appreciative of technological advancement, it’s important to call attention to the responsible use of AI and fairness, and ethical use of data. Organisations leveraging AI to identify potential job candidates hold a responsibility to ensure the hiring algorithms used do not discriminate against genders; an issue that has been highlighted in recent studies. If the industry wants to tackle the issue of attracting more female talent, and importantly, be more diverse and inclusive overall, the focus should be on proactively solving the issue of biases in data. Fairness and ethical use of data need to be at the centre of any data-driven company. One way to achieve that is through the use of data synthesis technology, where any bias in the original dataset is removed, levelling the playing field for all candidates,” said Gina Dragulin, VP at Synthesized.
Celebrating Women in Cyber
Natalie Page is a threat intelligence analyst at Talion and she works on the cyber front lines defending companies against today’s online threats. She graduated from the University of Lancashire in 2017 after completing a Masters in Cybersecurity, however it took her almost a year to land her first job in the industry. Natalie loves working in cyber because of the new challenges she faces every day, she also enjoys researching new threats and gaining an insight into the attacker mindset. Natalie encourages more females to join the industry as she believes women can bring certain traits to the role, which can help improve security defences and also make security teams more collaborative.
“When I was at university all my professors told me I would land a job in cyber straight away because there was such a talent shortage, however, this wasn’t the case. Most companies ask for ten years’ experience before they will even consider an interview. My fellow students on my Masters course were all females, but only two of us work in cyber today. This shows that a lot of companies are missing a trick by not working with universities to bridge talent shortage or encourage more females to get into the industry. Cyber is one of the fastest paced industries and every day I see new things which amaze me. The industry needs more females as women can bring new thinking to identifying threats, and organisations can benefit from this to help improve their security,” said Natalie Page.
Ainsley Braun, Director at Synopsys: Before moving to Synopsys, Ainsley was the Cofounder and former CEO at Tinfoil Security. She earned two Bachelor of Science degrees from MIT in 2010; one in Brain and Cognitive Sciences and the other in Writing. She holds five patents, and has published two scientific papers in Cognitive Vision. Ainsley is also a member of the Silicon Valley Leadership Group (SVLG), a Board Member of the Women in Cybersecurity council at California Technology Council (CTC) and co-captain of the Samurai Capture The Flag (CTF) team.
Anna Collard, SVP of content strategy and evangelist for KnowBe4 Africa has been working in the cybersecurity field as a security architect and consultant for 18 years, where she has assisted organizations across South Africa, Europe and the U.S. Collard founded security content publisher Popcorn Training, now part of KnowBe4, which is a South African company that promotes cybersecurity awareness by using innovative, story-based techniques and gamification to make complex content simple to understand and easy to remember. She won the Women in Tech Innovations Throughout Africa 2020 Award for Southern and Central Africa. Collard holds various security certifications, such as CISSP, CISA, ISO 27001 lead auditor, CIPP/IT and used to be a Visa/Mastercard PCI DSS QSA.
“As an industry, we need to showcase opportunities for different skill levels and interests to attract more females. Last year, we ran a survey across 500 African teachers in primary, high school, and higher institutions. One of the common denominators in the feedback received was that sharing success stories of other women in the industry, especially of successful female African CISOs will hopefully inspire more young girls to pursue a career path in the tech and security sectors. The other feedback was to make it more “cool” and “attractive” — the cybersecurity industry does not consist of guys in hoodies in dark garages, but this is the perception many still have.”
Meera Rao, DevSecOps Practice Director at Synopsys: Meera has over 20 years of experience working for software development organisations in a variety of roles including Architect, Lead Developer, and Project Manager, and Security Architect. She has worked with a number of Fortune 500 companies and various government organisations. Meera has overseen and performed secure code reviews, static analysis implementations, architectural risk analysis, secure design reviews and threat modeling of systems built from a few thousand lines of code to systems containing tens of millions of lines of code (Java, JEE, .Net, Rails, Grails, and C/C++). She is also a certified instructor in Architecture Risk Analysis, Threat Modeling, Defensive Programming Generic, Defensive Programming Java EE, Defensive Programming C#/VB.NET, Foundations of Software Security, Software Security Requirements, OWASP Top 10, Secure Code Review and Static Analysis.
Youtse Sung is VP of Global Marketing at Outpost24: She brings over 10 years of experience in global marketing roles crossing digital and customer experience software and cybersecurity. As the VP Marketing, she combines product marketing expertise with an extensive background in communications and operations to deliver marketing programs that build awareness, differentiation and demands. Prior to joining Outpost24, Youtse has held various growth marketing positions in the technology space including Episerver.
“Before working in the sector I had no idea how interesting and dynamic it is. I’ve always been fascinated by technology and cybersecurity is the perfect place to see how technology can be used to disrupt or protect users and businesses. The fact that we’re delivering software to help customers improve security posture and reduce the risk of a cyberattack makes my job all the more meaningful. I’ve had the pleasure to meet and work with many amazing women (and men) in cybersecurity, and I’m proud to work for a company with a strong emphasis on equality, not just gender but all kinds, where we are encouraged to do our best work regardless.”
Georgia Michala, L1 Cyber Security Analyst at Obrela Security Industries: “I have been working as a cyber security analyst for over a year and I love how exciting the industry is and how no day is ever the same. My team and I work to protect our customers against cyber criminals and we have to stay one step ahead of them at all times. This makes my job very fast paced, which is a great fit for my personality. I believe other women need to join the security industry as there is huge potential for females and the industry offers a very exciting career choice.”