What are the challenges and barriers you see women facing when entering the cybersecurity profession

𝑻𝒉𝒆𝒓𝒆 𝒂𝒓𝒆 𝒆𝒙𝒕𝒓𝒆𝒎𝒆𝒍𝒚 𝒍𝒐𝒘 𝒑𝒆𝒓𝒄𝒆𝒏𝒕𝒂𝒈𝒆 𝒐𝒇 𝒘𝒐𝒎𝒆𝒏 𝒊𝒏 𝒄𝒚𝒃𝒆𝒓 𝒔𝒆𝒄𝒖𝒓𝒊𝒕𝒚 𝒍𝒆𝒂𝒅𝒆𝒓𝒔𝒉𝒊𝒑 𝒓𝒐𝒍𝒆𝒔. 𝑾𝒐𝒎𝒆𝒏 𝒏𝒆𝒆𝒅 𝒆𝒙𝒂𝒎𝒑𝒍𝒆𝒔 𝒐𝒇 𝒐𝒕𝒉𝒆𝒓 𝒔𝒖𝒄𝒄𝒆𝒔𝒔𝒇𝒖𝒍 𝒘𝒐𝒎𝒆𝒏 𝒓𝒐𝒍𝒆 𝒎𝒐𝒅𝒆𝒍𝒔 𝒐𝒓 𝒊𝒏𝒇𝒍𝒖𝒆𝒏𝒄𝒆𝒓𝒔 𝒊𝒏 “𝒔𝒖𝒔𝒕𝒂𝒊𝒏𝒆𝒅 𝒂𝒏𝒅 𝒖𝒑𝒘𝒂𝒓𝒅 𝒕𝒓𝒆𝒏𝒅𝒊𝒏𝒈” 𝒍𝒆𝒂𝒅𝒆𝒓𝒔𝒉𝒊𝒑 𝒓𝒐𝒍𝒆𝒔 𝒕𝒐 𝒃𝒆 𝒂𝒃𝒍𝒆 𝒕𝒐 𝒗𝒊𝒔𝒖𝒂𝒍𝒊𝒛𝒆 𝒕𝒉𝒆𝒎𝒔𝒆𝒍𝒗𝒆𝒔 𝒊𝒏 𝒐𝒏𝒆. Lack of concentrated efforts to shine the light on incredible talent definitely doesn’t help.

Female recognition: ongoing recognition of female pioneers and leaders in cyber security industry will inspire even more women to join the cyber security industry.

Female representation

In addition, local female representation in delivering keynotes on material and core Cybersecurity subjects at national Cybersecurity events and conferences also continues to be very low. There is a need to lift the profiles of exceptional and influential women in the sector and shine a light on them through media coverage, awards, recognition, Cybersecurity magazine features, etc. They need to be seen, supported, promoted, empowered but MOST importantly setup for success, for aspiring proteges to identify them as role models.

Modesty:

Another challenge is that women are inherently modest and are not found promoting themselves proactively on social media, events and conferences. Women in influential positions must increasingly promote themselves on global professional platforms like LinkedIn, so that it creates an opportunity for proteges to identify someone they admire, someone who has a professional style they want to emulate, a skill set they want to develop or a Cybersecurity field they want to succeed in. Representation is crucial!

Mentorship challenges:

The most significant challenge in Cybersecurity mentorship, is finding the right female mentor. Women need examples of other successful women role models or influencers in “sustained and upward trending” leadership roles to be able to visualise themselves in one. However, the percentage of women in Cybersecurity senior leadership roles is very low.

Access to mentorship through established programs is also a challenge. Most major mentoring initiatives require mentors and mentees to enroll for a paid annual membership. Mentorship should be a voluntary, non-profit and a self-less act of guiding, upskilling, and uplifting a mentee. The pairing of a mentor-mentee should be through established criteria such as personal interests, professional skills, geo-location and social values to deliver maximum benefit.

Mentoring is a two-way street, meaning traditional mentoring approaches must evolve. When mentor does not explore the opportunities for new skills they can develop from mentees, the relationship is often not as long lasting as in the case of reverse mentoring approaches.

Real challenges:

For earning women experienced in other industries and roles, self-doubt in taking the leap of faith to pursue a new career and the fear of failure once they land the role is substantial. There is a calculated risk in giving up a stable income to pursue a career with no subject matter expertise, no knowledge, and no experience, specially for women that have children. Women also inherently take responsibilities for parents, siblings, and partners in contributing and financially supporting the family for them to me seen as independent.

For students aspiring to be new entrants the biggest challenge is the entry pathway. Today there is a lot of competition to enter the cyber security market even as a graduate intern. Many students come to me for advice on what they should as they cannot find a job even after they have completed their education and industry certifications and a struggling to land a job. The entry analyst jobs require 2-3 years of experience and professional certifications such a CISM, CISSP and the likes, which inturn require 3+ years of experience in a cyber security role for the certification to be awarded. It’s a loop!

If someone has decided to take a leap of faith, the immediate opportunities available to them is a 6 month secondment with no garuntee of successfully getting the job.

For students, the internships are mostly unpaid.

Lack of male protégés making themselves approachable and getting out there to show support:

As you know, women unto mid senior roles are mostly seen to lack authority and decision-making ability when hiring candidates. Its mostly a panel that makes a decision and the authority is usually held back by the senior executive or director, who as per statistics are men because we don’t a minor female representation at the exec or senior leadership level. If she cannot influence as much, the cohorts of women formed to support other women are not so effective in materialising a new female appointment.

Lack of technical skills:

Females sought after for roles and opportunities for their gender more often than their experience or qualifications.

Women are well regarded and seen to be accepted in the roles of Security Analyst, Security Consultant, Security Software Developer, Data Protection Officer, Chief Privacy Officer, Risk Manager, project managers, org change managers, business analysts.

However, women are not seen to be taken seriously and not treated as an equal by their male counterparts in the roles of Security Engineer, Security Administrator, Chief Information Security Officer, Computer Forensics, Digital Forensics, Cryptographer, Security Specialist, Security Code Auditor, Security Architect, Malware Analyst, Cryptanalyst, Cybercrime Investigator, Penetration Tester, Security Incident Responder. Reason? The subjects and practices are very technical and needs continuously updating technical skills, this attracts women less as women are more people oriented that technology oriented naturally. Sub conscious bias amongst male counterparts because of the gender balance targets, criteria for women may be slightly relaxed and that’s where men build all the pre-conceived notions about a female employee’s calibre, and it leads to superiority complex in men in the same role as their female counterparts. Females have to prove themselves over and over again and work twice as hard to build credibility so that there is no doubt about what they are capable of, rather than starting from a place of acceptance and the fact that they must be the right person if they have been appointed to the role. However, a male new employee that may not have met 100% criteria, enjoy ready acceptance, as they were not recruited to fill a quota.

Females are even made to feel unworthy or undeserving by male colleagues that do not see them as equals potentially because more work, projects and activities are directed towards them due to lack of confidence by manager in the female staff or natural kindness and compassion towards them. There have been instances where comments such as “you are only recognised as a diversity stunt” or “you dint have to take all the interviews like us right?” or “she is too emotional to take on that role” or “she doesn’t even have certifications to her credibility”. This is challenge in retaining women.

Chinese women that are Australian citizens, specially first generation migrants in particular face bais related to turst when it comes to federal government jobs.

Applying for jobs:

Women have lower risk appetite as they look for safety