Eliminating gender bias in cybersecurity could grow industry by the billions
USD$30.4 billion could be added to the cybersecurity industry by solving a single issue: bringing the gender ratio of workers to 50:50.
This number would hugely boost the industry’s economic contribution in the US, with £12.6 billion being added in the UK if the number of women working in cybersecurity rose to equal that of men.
These figures say nothing of the current gender pay gap in the industry, which if closed and equalised, could add a further $12.7bn and £4.4bn to the US and UK economies respectively.
This means if gender bias were eliminated from the two countries’ industries, a total of $43.1 billion and £17 billion would be added to their respective economies.
This is according to research released today from Tessian, a human layer security company, which surveyed a group of professional women in the industries of both countries.
“For organisations to successfully recruit more women into security roles, they need to understand what’s discouraging them from signing up beyond just gender bias,” says Tessian senior executive Sabrina Castiglione.
“We need to make women in cybersecurity more visible. We need to tell their stories and raise awareness of their roles and experiences.
“And once through the door, managers need to clearly show women the opportunities available to them to progress and develop their careers.”
The research reveals trends in both countries relating to the barriers preventing women from entering the industry, with some certain contrasts found between the two nations.
- 82% of female cybersecurity professionals in the US believe that cybersecurity has a gender bias problem versus 49% of those in the UK.
- Just 12% of UK respondents say a lack of gender balance was a challenge at the start of their career versus 38% of those in the US.
- US respondents were also three times as likely to believe that a more gender-balanced workforce would encourage more women to pursue roles in cybersecurity.
- 42% of all respondents think a cybersecurity skills gap exists because the industry isn’t considered ‘cool’ or ‘exciting’. This opinion was most commonly shared by millennials - 46% vs. 22% of 45-54-year-olds.
- A lack of awareness or knowledge of the industry was the top challenge female professionals faced at the start of their career, with 43% citing this as a barrier.
- 43% of women said that a lack of clear career development paths was another challenge at the start of their cybersecurity career, while nearly a quarter (23%) cited a lack of role models.
- Just 53% say their organisation is doing enough to recruit women into security roles.
Almost half (51%) of women surveyed reported believing more accurate representations of the industry in the media would encourage more women to consider cybersecurity as a career path.
In fact, respondents ranked this as the number one way to encourage more women into cybersecurity, followed by a gender-balanced workforce (45%), cybersecurity-specific curriculum in universities (43%) and equal pay (28%).
“To many people, cybersecurity equates to - and is limited to - someone in a hoodie bent over a keyboard in a dark room,” says former IBM chief information security officer Shamla Naidoo.
“That’s not the case at all. If we don’t expand beyond that, we’ll lose out on even more people in the industry.”
Aside from the value added to the industry and wider economy that comes from hiring more women, respondents felt other rewards lay in store for women considering a shift to the industry.
93% report feeling secure or very secure in their job, and 56% believe they making an impact and that cybersecurity is one of the most important industries as more advanced cyber threats mount up.
“The future of cybersecurity needs diversity. 2019 was the worst year on record for data breaches, with 61% of organisations reporting a breach as a result of human error or malicious activity,” says Castiglione.
“With data breaches rising year on year, and with cyber threats continually evolving, we need different ideas and approaches to solving security problems if we are going to keep people and data safe.”