Women in cyber security face “persistent and enduring barriers” a review of research commissioned by the Office of the Cyber Security Special Adviser has revealed.



The review, published yesterdayand carried out by UNSW Canberra Public Service Research Group and UNSW’s Australian Centre for Cyber Security, examined existing academic and industry literature on female participation in the cyber security industry and related roles.

“Barriers to girls and women commence early – from primary school – and continue throughout women’s careers to the executive levels. Barriers also exist at all stages of the employment life cycle, from recruitment to career development and performance management, culminating in women leaving the industry,” the review’s authors summarised.

The review confirms unpublished earlier research by Department of Prime Minister and Cabinet that suggested that marketing, role models, and hiring practices are barriers to attracting women into the cyber security, and that workplace culture, a lack of flexible working arrangements and fear of failure impede women’s retention in the industry, researchers say.

According to astudy published earlier this yearfemale employees are vastly under-represented in cyber security, making up only 11 per cent of the global information security workforce and 10 per cent in the Asia-Pacific region.

The same study found that women in cyber security report widespread discrimination and stereotype bias. More than half of women in cyber security have experienced some form of direct or indirect discrimination, compared to 15 per cent of men.

Women in the industry also faced persistent wage inequality which could not be explained by motherhood or part-time employment, a 2016 study by the Office of the Chief Scientist suggested.

Although research into female participation in cyber security specifically is limited, especially in Australia, researchers said women in the profession were likely to be facing similar issues as those working in ICT.

In the broader sector researchers noted “specific practices and policies that have been found to exclude, marginalise, or disadvantage women” which include “long hours working cultures, women professionals being excluded from the ‘boys’ club’, women being subjected to sexist remarks, and the technical expertise of women being regarded less seriously than that of male colleagues”.

Increasing women’s participation requires “systemic and organisational change”, the report states.

Action planned

The Department of Prime Minister and Cabinet said the low representation of women in cyber security careers was a “pressing issue for Australia’s national and economic security”, and added that further research was required.

“In the short term, we will again be hosting ourWomen in Cyber mentoring programwith events across Australia to show women who competed in the 2017Cyber Security Challenge Australiathe breadth and depth of cyber security careers and provide them with support and mentoring opportunities,” the department said.

“Longer term, we will continue to develop a coherent, action oriented plan of practical initiatives, research proposals and measurement tools to increase the number of women in cyber security careers.”