jane-frankland
Human Resources

Where are all the women in cybersecurity?

Jane Frankland built a successful UK cybersecurity business at Corsaire in the late 1990s and has held a series of executive and consulting roles. She recently raised crowdfunding to write a book (working title: Women in Cybersecurity: Standard Not Exception) in which she will suggest why only a small, and declining, minority of those working in security are female. The book, currently being researched, is also likely to suggest ways in which we can correct a gender imbalance that is bad enough in ICT generally and might be worse yet in security.

She’s no stranger to uphill tasks though, having made her startup Corsaire into a seven-figure sterling revenue business in the late 1990s, by specialising in high-end penetration testing – and all without Frankland having prior experience of technology.

The lack of women in the infosec sector shocked and still shocks Frankland and it also today seems out of kilter when a skills shortage is so apparent and as cybersecurity has grown as a threat. Also, for Frankland, the benefits of there being more women in IT go beyond the arguments for equal representation and she has an interesting take on why a feminine perspective is so important in security thinking.

“Women think differently to men and see risk in a different way,” she says. “It really comes down to genetics. We’re programmed to give birth so we’re more risk-averse naturally. When we have more diversity we all do better.”

Frankland also believes IT could do with more glamour.

“Many job specs use the language of combat – ‘cyber warrior’, ‘ninja’ and so on - and this does nothing for our industry. It holds us back as it doesn't appeal to most women. Perception is reality. So the thought of being a minority surrounded by middle-aged men or guys dressed in hoodies that obsess about code and malware day-in, day-out isn't terribly appealing to most young women. When I started out, security interested me because I thought it was cool - a bit like James Bond. I still think it's cool. In fact, it's cooler than ever!”

She also takes a broader perspective on hiring that goes further than gender.

“If we bring people in who see things in a different way - be they women or creatives - that’s to our benefit. Techies tend to be very detailed as they focus on one thing that's siloed. As a result they can be blindsided. And by being blindsided the chances of missing something increase.”

Frankland’s answer to all this is very hands-on. There have of course been many rallying calls and efforts to attract women into IT careers but they have, believes Frankland, been well meaning but disjointed.

“The UK government has made a start and is doing a good job in schools and with the National Curriculum. However, they could do better. Many people remain unaware of their efforts and initiatives. Their PR and communication needs to be improved and they could make the curriculum mandatory. Right now, schools can opt out. They could also improve legislation around parental leave - specifically paternity leave, like they do in Sweden and Canada.” 

Government-backed and academic schemes are all very well but the challenge is short-term too and needs to be attacked practically, she argues.

“We need to build a pipeline [of future employees] but we also need to get them in now and train them up fast,” she says. “STEM is great but it’s only an aspect of our industry. We need to bring interested people in. It's our job to inspire them and turn them into professionals who are passionate about our industry.

“We need to attract people with good thinking ability. We need to assess them when recruiting and we can do this without even bringing gender into question. Unconscious social bias is rife and many are unaware. Via online assessments we can ascertain their work readiness. Are they fit for the job? Can they retain knowledge, implement it and do they pose a risk to our organisation in the future? With this data we're better equipped to make sound recruitment decisions and to devise learning and development programmes to support them.”

Schools, colleges and universities of course have a role to play but it’s important that we push on and see a career in cybersecurity as being about more than just learning how to handle worms, viruses and assorted other malware.

“Skills aren’t current because they’re not being taught properly,” Frankland argues. “These are just skills. You can have an aptitude but where there’s a will there’s a way.”

In fact she says obsessing over STEM subjects “gets right up my nose” and argues that we need to train up people from every corner rather than “fix” early-stage learning and culture.

“I know people who have come in and been successful from being bricklayers, artists, actors, philosophers,” she says. “This is an industry of the future. One of the most important skills we see today is the ability to change fast and if you can’t you’re going to be redundant, blown out of the water. There are some programmes being talked about but they’re slow - 18 months to two years out…”

As a positive example she gives the consulting giants who take college leavers and train them up quickly and expose them to the real world. “The ‘big four’ train them fast and do a very good job,” she says, even if they struggle to retain them. 

Frankland believes that women in cybersecurity might even be more of a minority than those in IT generally.

“If I’m thinking of female CISOs or heads of cyber there are only a few and then when we have women coming in there’s a retention problem. Why have they left and why aren’t they coming back?”

One reason is a classic and Frankland says she has even heard professional recruiters say they would not hire a woman of child-rearing age. But she hopes that times are changing and says, “Boys from Generation Y will want to be around for their kids and in nine years they’ll be 75 per cent of the workforce.”

Those that don’t note such demographic shifts and take a restrictive view of training and hiring will suffer, she warns - and so will the rest of us.

 

Stay informed about Frankland’s book here.

 

Also read:

Maths course game changer: Dr Sue Black tells her story at London Tech Week

Barbie starts a new career – as a game developer

Is sexism really worse in tech?

Why do we need more women in IT?

Mimi Thigpen: On being a female CEO

Perspective: A woman in tech in Palestine

South Africa: Being black and female in tech

Spotlight: 5 Cameroonian female techies

Shellye Archambeau: Racism and the road to tech CEO

Bletchley Park: From code-breaking to kids coding

PREVIOUS ARTICLE

« C-Suite Talk Fav Tech: David Peters, Emagine International

NEXT ARTICLE

C-suite career advice: Georgette Stewart, NSK Consultants »
author_image
Martin Veitch

Martin Veitch is Editorial Consultant for IDG Connect

  • twt
  • twt
  • Mail

Recommended for You

How to (really) evaluate a developer's skillset

Adrian Bridgwater’s deconstruction & analysis of enterprise software

Unicorns are running free in the UK but Brexit poses a tough challenge

Trevor Clawson on the outlook for UK Tech startups

Cloudistics aims to trump Nutanix with 'superconvergence' play

Martin Veitch's inside track on today’s tech trends

Poll

Is your organization fully GDPR compliant?