Challenging the perceptions of a cyber security career

17 November 2017


I recently spoke to some new female members of our cyber security practice about their career path into the field, and when I raised some of the barriers I’d faced at the same point, my junior colleagues challenged these perceptions. It was certainly positive to hear that those entering the profession now were of the belief that they were not experiencing the same discrimination, and that there are now fewer obstacles to their own career and promotion prospects. I was pleasantly surprised to realise how far the industry has come in recent years.

Over ten years ago, I entered the information security industry as a technophile, eager to learn about this new and growing area of technology. It quickly became apparent that I was one of only two female recruiters in this field, and one of the only women attending conferences and engaging with (mostly male) professionals within it.

Honestly, that didn't put me off as the majority were very happy to talk about themselves and their careers, what they did and why they were passionate about it. But I did find I was sometimes treated differently. If the conversation got very technical, I was apologised to in case 'I couldn't keep up'. Some appeared surprised by my knowledge of the industry, it's terminology and the people within it. However, I learnt a lot from some amazing people who opened up and were clearly excited by the topic, made it interesting and who didn't marginalise my recruitment and business experience.

Roll forward, and some of the very same people who gave me opportunities then, have since hired me into recent positions, providing me with a platform to continue my cyber security journey. Now I’m working at PwC, and we’re working hard to make sure we’re hiring a diverse mix of people into tech careers. We have various Women in Tech initiatives in place across the firm to mentor and coach our women into senior level roles. Many of our clients have also successfully hired strong, diverse teams, some with a significant number of women into management positions.

I met more female students at a recent industry event who asked questions about the barriers and challenges I’d faced too. They were yet to experience any discrimination and wanted to be prepared. As I observed these confident, articulate women, in an energetic and positive space where they could share ideas, talk with future employers and plan their careers in STEM, I acknowledged that we have come a long way from my earlier experiences in technology. And we risk becoming the problem if we don't welcome them with open arms, be positive and help them to explore making the most of their journey, without any preconceived prejudice.

This is not to denigrate from those shining a light on the diversity issues to date. As an industry, we still have a long way to go with just 7% of women in cyber security across Europe, 11% in the UK and globally - a figure that has remained stagnant since 2013. In 2016 women earned less than men at every level in this industry. Men are four times more likely to hold C-level positions and nine (yes, nine!) times more likely to be in security leadership roles compared to women. Yet we know that gender diverse boards are more successful (and profitable) and both gender and ethnically diverse teams perform better.

Men and women of cyber security - our role is to continue to be passionate and generate interest in the wide spectrum of opportunity our profession holds. To consider and promote a diverse workforce and to speak up if the relics continue to discriminate. Actions speak louder than words, so let’s try to be positive role models.

I’ve learnt so much and if I were to start my career again in cyber security, I’d remind myself:

  • Security has no gender;
  • To make the most of positive mentors;
  • There is always someone smarter, but remember your unique perspective and experience is valuable.

I'm excited by the attitude of our junior workforce and take comfort in knowing the next generation will be proactively self-serving; if they like the environment, people and the work, they will rise to the challenge and forge their careers regardless of stereotype.

Most importantly, the cyber security industry has a bright future.