A new study has revealed that women hold only 10% of board positions and 16% of management positions within the world’s leading cyber security companies. The study was carried out by Eskenzi PR and Marketing, and looked at the websites of 138 companies from the Cybersecurity Ventures Hot 150 to understand the ratio between males and females in senior positions. It uncovered that out of 609 board positions, only 60 are taken up by females, while out of 1,700 management positions only 271 are taken up by women. This highlights a major gap in the industry where companies could be missing out on the specialist skills women can bring to cyber security.
“I have worked in cyber security for over 25 years and watched it evolve throughout this time, but one thing that hasn’t changed is that the industry is still swarming with men,” Yvonne Eskenzi, director and co-founder of Eskenzi PR and Marketing. “The industry needs more women in driving seats and companies need to understand the traits women can bring to security roles to improve our overall defences. Today is International Women’s Day and I want our study to stand as a call to action for cyber security companies to make a conscious effort to recruit more women and encourage more women to get involved in this fast-paced and exciting industry.”
The study also looked at the types of management roles women hold within cybersecurity organisations and it revealed that the majority hold senior roles in either marketing or HR. There were only eight female CEO positions held and only one security company has an entirely female management team, compared to 19 companies that have entirely male management teams.
“The challenges facing our society related to cyber security threats are pervasive and will only get worse,” said Vanessa Pegueros, chief trust and security officer at OneLogin. “We need talent not just from 50% of the population (men), we need talent from 100% of the population to tackle these complex problems. We need women at the board level and at the leadership/management level because we experience the world differently than men and that experience is valuable in problem solving. We need a broader lens on these problems and that can only happen when women are at these elevated positions.”
“While appreciative of technological advancement, it’s important to call attention to the responsible use of AI and fairness, and ethical use of data,” added Gina Dragulin, VP at Synthesized. “Organisations leveraging AI to identify potential job candidates hold a responsibility to ensure the hiring algorithms used do not discriminate against genders; an issue that has been highlighted in recent studies. If the industry wants to tackle the issue of attracting more female talent, and importantly, be more diverse and inclusive overall, the focus should be on proactively solving the issue of biases in data. Fairness and ethical use of data need to be at the centre of any data-driven company. One way to achieve that is through the use of data synthesis technology, where any bias in the original dataset is removed, levelling the playing field for all candidates.”
As part of International Women’s Day, Eskenzi also wanted to highlight some of the females that are leading the way and excelling in the industry. Natalie Page is a threat intelligence analyst at Talion and she works on the cyber front lines defending companies against today’s online threats. She graduated from the University of Lancashire in 2017 after completing a Masters in Cybersecurity, however it took her almost a year to land her first job in the industry. Page loves working in cyber because of the new challenges she faces every day, she also enjoys researching new threats and gaining an insight into the attacker mindset. Page encourages more females to join the industry as she believes women can bring certain traits to the role, which can help improve security defences and also make security teams more collaborative.
“When I was at university all my professors told me I would land a job in cyber straight away because there was such a talent shortage, however, this wasn’t the case,” recalls Page. “Most companies ask for 10 years’ experience before they will even consider an interview. My fellow students on my Masters course were all females, but only two of us work in cyber today. This shows that a lot of companies are missing a trick by not working with universities to bridge talent shortage or encourage more females to get into the industry. Cyber is one of the fastest paced industries and every day I see new things which amaze me. The industry needs more females as women can bring new thinking to identifying threats, and organisations can benefit from this to help improve their security.”
Ainsley Braun is a Director at Synopsys. Before moving to Synopsys, she was the Cofounder and former CEO at Tinfoil Security. Braun earned two Bachelor of Science degrees from MIT in 2010; one in Brain and Cognitive Sciences and the other in Writing. She holds five patents, and has published two scientific papers in Cognitive Vision. She is also a member of the Silicon Valley Leadership Group (SVLG), a Board Member of the Women in Cybersecurity council at California Technology Council (CTC) and co-captain of the Samurai Capture The Flag (CTF) team.
Anna Collard, SVP of content strategy and evangelist for KnowBe4 Africa has been working in the cybersecurity field as a security architect and consultant for 18 years, where she has assisted organisations across South Africa, Europe and the US. Collard founded security content publisher Popcorn Training, now part of KnowBe4, which is a South African company that promotes cybersecurity awareness by using innovative, story-based techniques and gamification to make complex content simple to understand and easy to remember. She won the Women in Tech Innovations Throughout Africa 2020 Award for Southern and Central Africa. Collard holds various security certifications, such as CISSP, CISA, ISO 27001 lead auditor, CIPP/IT and used to be a Visa/Mastercard PCI DSS QSA.
“As an industry, we need to showcase opportunities for different skill levels and interests to attract more females,” said Collard. “Last year, we ran a survey across 500 African teachers in primary, high school and higher institutions. One of the common denominators in the feedback received was that sharing success stories of other women in the industry, especially of successful female African CISOs will hopefully inspire more young girls to pursue a career path in the tech and security sectors. The other feedback was to make it more ‘cool’ and ‘attractive’ – the cybersecurity industry does not consist of guys in hoodies in dark garages, but this is the perception many still have.”
Meera Rao, DevSecOps Practice Director at Synopsys, has over 20 years of experience working for software development organisations in a variety of roles including Architect, Lead Developer, and Project Manager and Security Architect. She has worked with a number of Fortune 500 companies and various government organisations. Meera has overseen and performed secure code reviews, static analysis implementations, architectural risk analysis, secure design reviews and threat modelling of systems built from a few thousand lines of code to systems containing tens of millions of lines of code (Java, JEE, .Net, Rails, Grails, and C/C++). She is also a certified instructor in Architecture Risk Analysis, Threat Modelling, Defensive Programming Generic, Defensive Programming Java EE, Defensive Programming C#/VB.NET, Foundations of Software Security, Software Security Requirements, OWASP Top 10, Secure Code Review and Static Analysis.
Youtse Sung is VP of Global Marketing at Outpost24. She brings over 10 years of experience in global marketing roles crossing digital and customer experience software and cybersecurity. As the VP Marketing, she combines product marketing expertise with an extensive background in communications and operations to deliver marketing programmes that build awareness, differentiation and demands. Prior to joining Outpost24, Youtse has held various growth marketing positions in the technology space including Episerver.
“Before working in the sector I had no idea how interesting and dynamic it is,” said Sung. “I’ve always been fascinated by technology and cybersecurity is the perfect place to see how technology can be used to disrupt or protect users and businesses. The fact that we’re delivering software to help customers improve security posture and reduce the risk of a cyberattack makes my job all the more meaningful. I’ve had the pleasure to meet and work with many amazing women (and men) in cyber security, and I’m proud to work for a company with a strong emphasis on equality, not just gender but all kinds, where we are encouraged to do our best work regardless.”
“As a woman working in technology, I’m a strong believer that confidence is key,” stated Meera Rao, Senior Director at the Synopsys Software Integrity Group. “The true key to success is making sure your opinions and ideas are heard and being confident in your vision for what you want to achieve. In a field predominantly populated by men, women can defy the stereotype of what an engineer looks like by showcasing their expertise and taking a leadership role in implementing cutting-edge tools and processes. Early on in my career I realised that I needed to focus on my skills and ability to communicate effectively in order to gain the trust and respect of my colleagues. In other words, confidence and speaking skills are key to success.
“It’s key to empower all voices and promote inclusion for one and all,” she continues. “Talking about diversity is a good start – everyone should understand that inclusivity provides many benefits within an organisation. Diversity can help ensure a more productive, innovative, and creative workplace; a more respectful and positive workplace culture; and above all, employees who are happy create an organisation with high employee morale. But it’s not always easy to have those conversations. We might start by having them within our own homes, our own inner circles, and then having those tough conversations at our workplace.
“Being an advocate is vital no matter what position you hold in your organisation,” noted Rao. “Making sure everyone in the workplace feels they are important, are able to express their ideas, and are wanted is key. When I first began travelling around the world and working with Fortune 500 companies, I struggled because I didn’t have any female role models, anyone to talk to, anyone to share my challenges or even my thoughts with. However, I was able to rely on mentors who helped me achieve my goals. That experience is why I vowed to be an advocate for women who were nervous to raise their voice, share their challenges, or speak up.”
“The UK is home to incredible cyber security founders and technologies and an increasing number of high growth companies in this sector,” added Kerry Baldwin, Managing Partner, IQ Capital. “I actively mentor new investors to Cybersecurity Venture Capital, support diverse founders within this sector, and I sit on the Boards of cyber security companies including CyberSmart and Cybsafe. We need to shine a light on successful women in cyber and encourage more women to join the industry.”
“An important message of International Women’s Day is that we can all be doing more to drive inclusivity and diversity in society and in the workplace,” noted Emma Fadlon, KTN, and is Co-Director of CyberASAP. “In cyber security there is a clear gender gap even though it is recognised that women bring the diversity in thinking that is critical in both assessing cyber risks and in the running a successful business. So, we need to inspire women across all ages to consider the many careers in cyber security. Supporting early years education and inspiring graduates by providing role models and showcasing the varied jobs is just one opportunity. At an organisational level, businesses can look to see how they can revise strategy and foster women’s confidence to pursue careers, grow and develop professionally. I am a strong believer that confidence is key and by providing women with access to some of the skills and business tools, I hope that I can help and inspire more women’s participation and ambitions.”
“I have been working as a cyber security analyst for over a year and I love how exciting the industry is and how no day is ever the same,” said Georgia Michala, L1 Cyber Security Analyst at Obrela Security Industries. “My team and I work to protect our customers against cyber criminals and we have to stay one step ahead of them at all times. This makes my job very fast paced, which is a great fit for my personality. I believe other women need to join the security industry as there is huge potential for females and the industry offers a very exciting career choice.”
“International Women’s Day is a reminder to both celebrate how far we’ve come and also acknowledge how much work is still left to be done,” concluded Shandra Gemmiti, Senior Manager at the Synopsys Software Integrity Group. “It’s a day to come together and challenge the status quo, and recognise the need to continue to push for meaningful change. This day holds a special place because I want to be able to look at my daughter one day and explain to her that her mom pushed boundaries and challenged biases so that just maybe, she didn’t have to.”