Women in cyber: moving the needle
We all have role models. And they need not be celebrities or even well-known names. They’re often people close to us who quietly go about setting good examples - a parent, a teacher, a sports coach.
People who help build communities. A person you may have thought to yourself “I’d like to be like that”.
“In a survey of 300 women employed in cybersecurity, less than 50 per cent said they entered the field via IT or computer science.”
In my field, cyber-security, there are particular role models who are making a real difference. They’re women.
The 2019 Women in Cybersecurity report shows women now represent about 24 per cent of the cybersecurity workforce, up from 11 percent in 2017. While encouraging, this figure is still way too low, so our industry needs to continue pushing for and inspiring more women to join cyber.
And that’s where female role models can continue to help move the needle in a positive direction.
The underrepresentation of women in cybersecurity is significant for many reasons. Many studies show gender diverse organisations perform better. However, the cybersecurity industry has a more immediate problem with the demand for cybersecurity talent expected to rise to six million globally this year.
That means cybersecurity needs to not only attract more women but also retain them and support their progress to leadership positions.
The reality is the information security industry is still heavily dominated by men which can discourage young women from a career in this field.
That’s why it’s so important to highlight women leading the way in a variety of roles at companies like Facebook, Apple, YouTube, Airbnb and across businesses and government. They will become role models for the next generation of girls to follow technology-based education paths and careers that will shape the future.
In a survey of 300 women employed in cybersecurity, less than 50 per cent said they entered the field via IT or computer science. Instead, the respondents had diverse backgrounds such as compliance, psychology, internal audit, entrepreneurship, sales, marketing and communications.
The pipeline of women entering the cybersecurity industry is as diverse as employers are willing to imagine. Cybersecurity careers are cutting edge. The industry is critical to the economy, national security, social behaviours.
We need leaders and role models with communications and social skills who want to build teams, work in teams and support teams, who will work to create a positive environment.
Trusted and protected
As organisations such as banks move rapidly into the next digital era, we need to make sure innovations and new technologies are safe and secure to use while providing customers with convenience and confidence. This must all stem from trust the bank is protecting their money and their private data.
People in cybersecurity specialise in gathering intelligence on cyber threats around the world and building and operating systems to protect the public, developing data analytics to look for unusual network activity and penetration testing where they emulate a cyber-attacker to find vulnerabilities in systems and applications.
Others work quite differently - developing awareness and education programs to help staff and customers learn how to stay safe online, and running simulations exercises to practice responding to a cyber-attack.
For me, being able to protect the bank and its customers from threats is an amazing feeling. It’s always challenging - none of my days are the same and there’s always so much to learn.
Even though my career has spanned a number of different roles, most have used my early training in some way. I’ve advised Prime Ministers on national cybersecurity programs, attended meetings at the White House in Washington and participated in overseas events like Australian-US digital technology week and the Global Cyber Space Conference in Holland.
A lot of the work I did in our national security organisation is highly classified so I can’t talk much about it, however knowing how cyber-attackers work is knowledge I have been able to apply in all my roles.
At ANZ, approximately 40 per cent of cybersecurity leadership roles are filled by women.
We achieved this by understanding the need to provide flexible working opportunities, including options to work part time or in job share roles. The recent introduction of our market-leading Return to Work program saw a significant influx of women into security roles. New mentoring programs have also expanded the support network available to women entering, re-joining or currently in the work force. Our reskilling program - named after Ada Lovelace, the first coder - has helped women get a start in cybersecurity.
For me, working in a senior executive role when I first had children could be challenging, but working part-time for a number of years and job sharing made it easier to balance the different parts of my life.
Now at ANZ, I use flexible working arrangements and usually work from home 1-2 days a week to help me achieve balance. Technology also enables people to video conference into meetings from anywhere to still feel connected with colleagues while managing busy lives.
I also find ANZ’s dress for your day policy makes a difference in a busy life. On many days, jeans and a black tee-shirt will suffice. This means less times ironing, managing dry cleaning… all positives when you have a busy family and working life. Such policies are part of the reason ANZ has been successful in attracting and retaining women in security.
ANZ, along with the other major banks, also formed a partnership with the Australian Computing Academy (ACA) to introduce the Schools Cyber Security Challenges (Cyber Challenges). This $A1.35 million national program has seen cybersecurity taught to students in years 7-10 for the first time in Australia. The Cyber Challenges provide an opportunity to build greater curiosity and passion for cybersecurity in young Australians, particularly females, by encouraging them to develop and become more confident in their skills, while showcasing the genuine career opportunities available.
The cybersecurity industry is growing at an unprecedented rate and, as a consequence, so is the talent gap for those with the needed skills.
Thinking outside the box and bringing in talented professionals from places not normally recruited, looking at the problem across all demographics and being willing to spend resources on training employees who have basic cybersecurity knowledge or who seem predisposed to learning will all help close the gap.
Cybersecurity is too important not to fix because it touches many industries, governments and individuals.
Lynwen Connick is Chief Information Security Officer at ANZ
IN PICTURES: the way we wear