Closing the gender gap in cyber security

11 October 2016

CREST president Ian Glover said CREST’s workshop addressed areas that were considered vital when addressing diversity such as education and industry perception, amongst others.

Ian Glover said CREST’s workshop addressed areas that were considered vital when addressing diversity such as education and industry perception, amongst others.

CREST, the not-for-profit accreditation and certification body representing the infosec industry, is calling for more women to become cyber security professionals. 

“Increasing the number of women in cyber security is not simply for diversity’s sake, but for the sake of the industry,” said CREST president Ian Glover.

The organisation has recently released a report outlining the conclusions from its 2016 Diversity Workshop. Citing data from ISC2 ’s latest Global Information Security Workforce Study, the report said that women in the infosec profession represent 10 per cent of the global workforce. 

That figure has remained unchanged from the 2013 study. By comparison, 26 per cent cent of IT professionals worldwide are women (according to the American Association of University Women), as are nine per cent of engineering professionals in the UK (according to the Women’s Engineering Society). 

Part of CREST’s workshop was to look at why diversity is an increasingly important issue and what is deterring women from entering the industry. Glover said: “One of our attendees put it best, suggesting that by consistently taking people from the same backgrounds, we’ll keep coming up with the same approaches and solutions.”

Workshop attendees argued that women bring a different mindset and set of skills to the workplace, including attention to detail, analytical ability, and problem solving

In addition, they pointed out that a diverse workforce is more productive, and that research shows increased profitability in companies with more women, especially at senior level. 

They also agreed that given the huge skills gap in the industry, it makes sense to double the recruitment pool of people that industry recruits from. 

CREST is now looking at collaborating with existing industry initiatives and define an agreed set of actions to raise the number of women in the cyber security sector.