Recently, there has been a lot of discussion about how many women are presently working in the cyber security field. A figure of eleven percent has been used for several years and only recently appears to have increased. In 2017, (ISC)² found that the eleven percent figure was still unchanged. In a study from summer 2018, however, Cyber Security Ventures put the number at twenty percent. This raises a question about how accurate that figure is.
As part of our annual research into the gender pay gap in cyber security, BeecherMadden addressed this issue of numbers of women in the cyber security industry. In general, events that we attend as a company seem to have far more women attending than they did five years ago. We also have far more female candidates applying for positions, and almost all our clients are keen to attract women into their teams. With so much attention on improving the diversity of the industry, it seemed odd that the number of women working in the industry remained unchanged. To understand this issue, we undertook a much broader piece of research for this year’s gender report. We reviewed data from a variety of sources, giving us tens of thousands of participants, more than ever before. The results showed that the UK cyber security industry is now eighteen percent female. We also reviewed our own database and found that twenty percent of our database is now female, an increase of six percent since 2015. As with the research from Cyber Security Ventures, our research includes all of those in the security industry. This broader definition includes digital forensics and privacy as well as some security vendor companies. It does not include IoT companies or those who work in risk or compliance, which has traditionally had a higher percentage of female candidates.
It is an exciting thought that programmes designed for women in the industry have been working. With cyber security constantly appearing in mainstream news, it is nice to think that this has introduced the idea of a career in the industry to a new group of people. There has also been a push to introduce cyber security as a career to school leavers and graduates. With support groups and networking groups designed to attract women into cyber, it is also possible that this additional support from the industry has contributed to the increase. Maintaining this growth will be important if we are to continue to improve. One way of doing this is for companies to offer training to those returning to work. This is the focus of my previous article for Forbes, and also an article on what women can do to retrain.
Attracting more women into cyber security is an important goal. It makes business sense. Having more women in security teams may help companies to better protect their customer. In America, women control 83 percent of all spending decisions. As more spending moves online, having security processes that consider the end customer is becoming ever more important, since women are 26 percent more likely to have their identity stolen. In addition, companies with more women in their leadership teams perform better. A report called The Bottom Line: Corporate Performance and Women’s Representation on Boards found that companies with more women on their board had a 42 percent higher return on sales and turned capital into profit than those with fewer women on their board. The same dynamic held for return on invested capital; businesses with women board directors outperformed companies with fewer women on the board by 66 percent.
Given that increasing the number of women in cyber security is a goal that many companies hold, we should all be pleased that we have started making progress. Eighteen percent still doesn’t go far enough, and while fifty percent may seem far away, there are some companies at this level already. I would encourage every company with a commitment to increasing diversity to consider what has worked for them already, and what more they can do. Perhaps then, we can accelerate the rate of change and get closer to that fifty percent goal.
COO & Founder of BeecherMadden Limited
Experienced and passionate recruiter and business owner. Karla has experience running businesses in recruitment, staffing and ecommerce. Experience recruiting up to CXO level and across a variety of industries.
Karla has 10 years experience as a recruiter and business leader. She is committed to growing and developing BeecherMadden as an award winning international recruitment company, seen as the recruitment partner of choice for corporate governance, resilience & security and niche technology. BeecherMadden provides talent to banks, consultancies, telecoms, retailers, technology houses and public sector bodies. In 2017, BeecherMadden were acquired by the
Nicoll Curtin Group.
Karla is a judge for the Cyber Security Awards. She is also an experienced speaker, on the topic of cyber security and women in technology. Her views are often sought and published on this subject, as well as entrepreneurship. Karla is the founder of Tatius Group, an ecommerce investment firm.
Karla was a finalist at the Women of the Future awards in 2016, for Entrepreneur of the Year. BeecherMadden have won the BestFor Recruitment award for Security, and shortlisted for a number of awards for their recruitment services.
Proud sponsors of the Cyber Security Awards
 2017 Global Information Security Workforce Study (GISWS) by (ISC)²
 BeecherMadden industry report 2018
 Top 10 things everyone should know about women consumers, Forbes
 Identity Fraud Research, Javelin Group
 The Bottom Line: Corporate Performance and Women’s Representation on Boards”, Lois Joy, Nancy M Carter, Harvey M Wagener, Sriram Narayanan, Catalyst,