5 minute read

Australia’s cybersecurity sector: where are the women?

Next Article
Gabrielle Raymundo

Gabrielle Raymundo

MARIA BEAMOND LEONORA RISSE

by Dr Maria Beamond, Lecturer in Management, RMIT University and Dr Leonora Risse, Senior Lecturer in Economics, RMIT University

At a time when Australia’s security sector is growing in importance it is suffering from a skill crisis: employers are having difficulty finding a sufficient number of suitably qualified people to fill available roles. Australia will need around 7000 additional practitioners in the security sector by 2024, according to AustCyber.

Moreover, the cybersecurity sector, and the security sector more broadly, suffer from a distinct lack of diversity, particularly from a low level of participation by women. Women’s under-representation could be the result of biases and barriers impeding their career opportunities and advancement in the sector. The growing awareness of the benefits diversity can bring to organisational performance, decision-making and responsiveness and to meeting the real-world challenges organisations face, leads to a realisation that the sector, as a whole, is not operating optimally. These issues mean the factors contributing to women’s low representation within the cybersecurity sector need to be better understood.

Available estimates suggest women comprise somewhere between 11 percent and 24 percent of the cybersecurity workforce. However, there is no accurate measure of the gender composition of Australia’s security industry, nor a clear picture of the types of jobs women are undertaking and the skills they possess.

RMIT Centre for Cyber Security Research & Innovation (CCSRI) and the Australian Women in Security Network (AWSN) are partnering to undertake a research project to address this knowledge gap by providing new statistics on the gender composition of the security sector in Australia, including cybersecurity. These fresh insights will be drawn

from official labour market statistics collected by the Australian Bureau of Statistics and a tailored survey of members of the security sector workforce in Australia.

WHY SHOULD THE CYBERSECURITY SECTOR CARE ABOUT GENDER EQUALITY?

Available data suggests technology workers, such as cybersecurity professionals, are approached with a new job offer once a week and that some 45 percent of organisations are short of cybersecurity talent. There are signs this skills crisis is worsening, given discussion about the skills shortage in cybersecurity talent “has been going on for over ten years” and “there has been no significant progress toward a solution to this problem,” according to an ESG report.

This skills crisis has negatively impacted several organisations by increasing the workload of existing employees, leaving tasks unfilled and causing high burnout among employees. These problems make it imperative to attract new talent and diversify the composition of the cybersecurity workforce.

Inequitable opportunities and gender-based biases create barriers to greater diversity that are sometimes intangible. Our understanding of the influence of implicit biases and barriers imposed on women in many vocational and professional settings is growing. These barriers are often due to the persistence of traditional practices and gender-patterned stereotypes, according to a report in the Harvard Business Review. This research paper suggests one solution to the shortage of talent in the cybersecurity industry could lie in better understanding the reasons for the sector’s gender imbalance.

The research being undertaken by RMIT and AWSN will provide a deeper understanding of the barriers to, and enablers of, women’s careers in the security sector. The insights generated will help expand the sector’s talent pool and equip it for the growing challenges and demands it faces in the future.

While existing research suggests general ways to expand the sector’s talent pool there is little focus on gender inequalities and the factors that explain women’s low representation in the sector. This project will provide insights to better understand the factors that can either support or deter women from pursuing, and flourishing in, a career in the security sector.

Taking an industry-wide and economy-wide perspective, this research project will also investigate the ways in which the industry is failing to achieve optimal performance and fully meet the needs of its client base. If the cybersecurity industry is not operating with a gender balanced workforce, it is failing to attract, nurture and retain the full breadth of talent and skills available in the workforce and the capacity for innovation.

THE SOLUTION

Women’s under-representation in the security sector can be likened to a leaky pipeline, an analogy often applied to other industries experiencing gender imbalance.

Firstly, there is a need to attract women to the sector, a process that begins during their education when they are assessing their career choices. Those women joining the sector need support throughout their careers to help them progress. This entails understanding the factors causing women’s careers

to stagnate and lag those of their male peers or causing them to drop out of the sector completely. If women step out of the workforce to have children, or for other caring responsibilities, their re-entry into the workforce needs to be supported.

Dropouts mean fewer women progress to senior and leadership levels. This has repercussions for workforce culture and the capacity of cybersecurity to attract the next generation of women.

This study will identify the factors contributing to this leaky pipeline and the policies and changes needed to foster the increased representation of women.

THE RESEARCH

Through data analysis and a survey of the security workforce, this research project offers:

• A definitive understanding of the number of women working in security and the gender composition of the sector, with a focus on cybersecurity. • And understanding of the distribution of women across security roles, with a focus on cybersecurity roles. • And understanding of how Australian women’s skills and capabilities can contribute to overcoming the current and expected future professional skills shortage in the security industry. • An understanding of the enablers of and barriers to women’s participation in the security sector, and identification of the practical applications of this knowledge. This will require an understanding of the sector’s policies and institutional practices, of educational and training pathways and identification of

the strategic interventions by key agencies and stakeholders that can have influence. • An exploration of the ways to create a cybersecurity talent management system that will work for women. This entails identifying the elements of the cybersecurity talent management system that will most effectively and equitably attract, select and retain female talent. It will encompass planning, employee engagement, learning and development, performance management, recruiting, onboarding, succession and retention.

ABOUT THE AUTHORS

This research project is being conducted by RMIT University Centre for Cyber Security Research and Innovation in partnership with the Australian Women in Security Network (AWSN). It is being carried out as an independent academic research analysis and is not linked to any commercial interests. The research team comprises: Dr Leonora Risse, Dr Maria Beamond, Dr Joanne Hall, Dr Lena Wang, Dr Banya Barua, Professor Matt Warren and Mr Laki Kondylas.

Further information on this project can be found at https://www.rmit.edu.au/news/ccsri/understandinggender-dimensions-project-survey. The study will be officially launched later this year.

www.linkedin.com/in/maria-beamond-b8187325

www.linkedin.com/in/leonora-risse-92939091

This article is from: