I’ve got a bee in my bonnet and I feel compelled to write about this. This blog won’t be a long read, but hopefully it will add value and be insightful.
I’m not looking to score brownie points with anyone for writing it. Nor am I looking to antagonise anyone. But if I do the latter, I apologise in advance.
I just need to draw your attention to something. Chances are you’ll know this already, but just in case you don’t….
Here goes. Deep breath. Feel the fear, and all that.
For almost a year I’ve been writing a book on women in cyber security, which comes from the premise of how a failure to attract and retain women in our field is making us all less safe. It’s nearing completion now, which I’m excited about, as are others.
As you may also know, the topic of this book wasn’t something I planned on writing. It happened by chance, following a blog I wrote in November 2015 after reading an (ISC)2 report. And, it was the most non-strategic thing I’ve done in my life.
How life’s laughing at me!
Yet, since then, I’ve found it’s become my whole world, and I’ve been championing women in cyber security daily – whether that’s been writing the book; interviewing women (and men) about the challenge; speaking at events about it; mentoring women (and men); sponsoring women (and men); connecting them to people in my network, who can help them more than me; or helping them to transition into our field.
In fact, last year I was invited to speak at 35 events – all over the world, largely about this issue, and this year I’m scheduled to speak at 30 events already, and [at the time of writing] we’re only half way through April. I was also nominated for five awards, short listed for four, and received two.
Anyway, I’ve enjoyed the work I’ve been doing immensely, as I’m passionate about increasing the numbers of women in cyber security. Yet, the reason why isn’t purely because I believe in treating all people fairly and because it’s just. It’s more to do with performance.
As research suggests that women think differently to men, I firmly believe that women must play a fundamental role in helping us in cyber security to perform to a higher standard. When cyber crime, cyber terrorism and cyber warfare are on the rise, and attacks are becoming more sophisticated we need to do something differently. After all, businesses, economies and lives are at stake.
As people are the foundations of good security and one of the components of the golden triangle (people, processes and technology), I do wonder why so many are looking to exclude one group – men.
Yet, ‘women-only’ groups, even when men are welcomed, are doing just that. The words signal that men aren’t welcome, or that this group isn’t for you if you’re a man.
Words are so important. They’re powerful, and change always begins with words, in language.
A while ago I was honoured to keynote at JP Morgan, in London, as part of Women’s History Month. I spoke about my 19-year journey in cyber security, and how I transitioned from being nominated as a Young British designer in my twenties to one of the UK’s top cyber security influencers. I shared my failures, and ten important lessons I’d learnt along the way. I also spoke about how men ARE a big part of the answer to redressing the gender diversity balance in cyber security.
Although there’s a lot of talk about equality or better still equity, women are perceived as belonging to the outside of power. You can hear this in the words that are used – in shared metaphors like ‘knocking on the door’; ‘storming the citadel’, or ‘smashing the glass ceiling’, and so on. Sadly, phrases like these undermine women, as they imply that women have to break down barriers, or alternatively that they’ve to take something that doesn’t quite naturally belong to them.
Women can’t be fitted into the workplace and reap all of the opportunities that could be afforded to them until the system that was originally engineered by men for men evolves.
I don’t blame men for this.
Until things change, women need to learn how to play the system (or game, as I like to call it), which is entirely possible, as it’s flawed. But, we also need to accept that we cannot hope to change things permanently without the backing of men, and that means educating them and including them.
In cyber security men are 90% of our industry, and they are the key to helping us transform the balance. Men are the change makers. But, only if ‘women-in’ and the division ceases. It has to stop being about ‘them and us’ – men and women. When I entered the industry nearly twenty years ago it was never like this. No one actually cared if you were a man or a woman.
I believe if we’re going to change things and alter the balance, it has to be about performance, and as a result I believe men should NOT be excluded.
As a mother of two sons and a daughter, and someone who loves working with men and cool women, I know that good men – the majority of our industry – want to help. I know that many have daughters and wish them bright future careers where they’re able to fulfil their potential. I also know that many men are being inadvertently ostracised with some of these well-meaning initiatives and made to feel like they’re the problem. I even witnessed a man at an event recently apologising for this.
So let’s be clear. Men are NOT the problem. They’re the SOLUTION. The problem is the SYSTEM.
I know that men want to change the system for themselves too. They not only want more women in the industry, as it’s more fun and normal, but they want to improve their situation. They want more of a work-life balance, to be around for their children, and to stop being penalised for wanting to take paternity leave, or to take time off with their children or families.
To conclude, I firmly believe:
That we’re ONE team in cyber security. That we’re stronger TOGETHER. That there’s no ‘them and us.’ No men verses women. And, that no one sex is better than another.
However, I do believe that men and women are different. And, that’s a GOOD thing.