The Australian Cyber Security Sector’s Gender Dimensions report is the first comprehensive examination of the industry’s gender composition. According to the 2021 Census data, women accounted for only 17% of the cyber security workforce.
A new report was launched this morning by the Honourable Clare O’Neil MP, who holds the positions of Minister for Home Affairs and Minister for Cyber Security, during an industry roundtable aimed at discussing the findings and strategies for creating a more inclusive workforce for women in the field of cyber security in Australia.
The reports key findings include:
- Over 50% of female respondents were strongly motivated to join the sector to make a difference in society, compared to 44% of male respondents.
- About half the female cyber security professional respondents had IT qualifications, compared to two-thirds of male cyber security professionals.
- Only 27% of women working in the sector reported having a role model or mentor of the same gender, compared to over 50% of men who reported having a male equivalent.
- There’s been a fourfold increase in the number of females in specialist ICT security roles from 2016 to 2021, compared to a threefold increase for males.
The Australian security industry is currently facing a significant skill crisis, and one of the key areas of disparity is diversity. This has led to challenges in the industry’s optimal functioning, despite growing evidence that a more diverse workforce can lead to increased innovative potential, strategic intellect, and problem-solving capacity.
Key Recommendations
To achieve a more gender-equitable and inclusive cyber security sector, a comprehensive approach involving all aspects of society is necessary.
This includes employers, organizational leaders, government agencies, educational institutions, the media, and the wider community. All of these stakeholders must make changes to their policies, practices, and attitudes regarding gender inequality.
Any actions aimed at promoting gender equality in the cyber security sector should be based on evidence-based approaches. Research indicates that changing systems, cultures, and conventions is crucial, rather than expecting individual women to adapt to a biased system.
The 2021 Census data shows there are a total of 9,061 people working in cyber security occupations in Australia.
Recommended actions to progress gender equity and inclusion in cyber security:
■ Implement gender equity, diversity and inclusion policies and programs that target
workforce culture and organisational practices rather than attempting to “fix” women.
■ Set clear goals and targets for gender equity in the organisation. Consult with women
and other under-represented cohorts within the organisation to articulate goals that
could deliver meaningful change.
■ Eliminate toxic work cultures and adopt a positive duty of care to all employees,
including a zero-tolerance policy towards sexual harassment
■ Develop and maintain safe work spaces that respectfully accommodate all genders.
■ Conduct an internal gender pay gap audit to ensure equitable salary and benefits.
■ Use recruiting and promotion practices to address implicit biases in existing systems, such as using a language decoder to remove gendered language in job advertisements.
■ Recognise the skill transferability of workers joining from other sectors and support reskilling and upskilling.
■ Commit to flexible work arrangements, including ensuring that women’s credentials and capabilities are not valued less when they return from career breaks.
■ Formalise role model and mentorship programs, including role modelling inclusive behaviour and work-family balance among men.
■ Ensure equal access at all levels to opportunities, including professional development, networking and sponsorship.
■ Collect and analyse data on gender equity, diversity and inclusion and evaluate initiatives to determine effectiveness.
■ Apply an intersectional gender lens to rectify biases and barriers in the workplace impeding women from non-majority cultural, socioeconomic and linguistic backgrounds, different spectrums of ability, and First Nations people, and ensure their strengths and capabilities are fully recognised and valued.
The Study
The Australian Women in Security Network, in partnership with RMIT University, conducted the comprehensive survey to explore the challenges of diversity in the security sector.
This survey was conducted in conjunction with the Australian Bureau of Statistics (ABS) data from the 2006-2021 Census, providing a comprehensive view of the industry’s progress and the challenges it still faces.
The primary objective of this study is to provide an accurate representation of the security industry’s workforce in Australia. The findings of this study are intended to identify practical steps to expand and diversify the industry’s talent pool, enabling it to effectively meet the growing challenges and demands it faces.
By leveraging this data, the industry can proactively address the issues of diversity and inclusion, ensuring that it is better equipped to meet the challenges of the future.
CCSRI Director Matt Warren said the wider spectrum of educational backgrounds and motivations brought by females were valuable for diverse approaches to problem solving, however the low level of women’s participation means the sector is still not operating at its full potential.
“Despite the rapid expansion of the cyber security workforce, the sector is characterised by a stark under representation of women,” said Warren
“To achieve gender equity in the industry we need to understand the factors that deter women from joining or cause them to leave the sector and commit to fostering a workforce culture that embraces diversity as a strength.” said Warren
The report provides essential suggestions to enhance gender equity and inclusion in the Australian cyber security industry, targeting government, organisations and their leaders, educational institutions, and the broader community.
O’Neil says the report provides real insights into the lack of female role models and other barriers to women’s representation in our cyber security sector, based on research that has been sadly lacking in Australia until now.
“Its recommendations can help put us on the path to achieving gender equity in the sector – without which, we won’t be able to achieve our true cyber security potential,” said O’Neil.
Australian Women in Security Network (AWSN) Founder and Executive Director, Jacqui Loustau, said to accelerate the number of women entering, excelling and leading in the industry, we need to understand the current barriers and draw on learnings from other industries and countries.
“Although there has been progress in the number of women entering security over the years, it’s not fast enough,” said Loustau.
“To protect all Australians, the security workforce needs all types of people thinking innovatively, stopping threats, and advocating for security.”
“This report will lead the way in what we can do more effectively to attract and retain a more diverse workforce for generations to come.”
RMIT’s Centre for Cyber Security Research and Innovation (CCSRI) collaborated with the Australian Women in Security Network (AWSN) to conduct a comprehensive study.
The primary aim of the study was to gather reliable benchmark data that would help track the progress of women’s participation in the Australian cybersecurity sector as it continues to grow.
It was also conducted with the objective of promoting gender diversity and inclusion in the industry, a crucial step towards creating a more equitable and inclusive workplace.
The AWSN played a crucial role in facilitating the study by partnering with the Australian Signals Directorate, which provided sponsorship support.
The Australian Signals Directorate, Australia’s foremost foreign signals intelligence and security agency, recognised the need to promote gender diversity in cybersecurity and extended its support to this vital initiative.
This collaboration has helped to bring together some of the most prominent experts in the field, enabling them to share insights and knowledge to create a more inclusive and diverse workforce in Australia’s cybersecurity sector.
Despite the sector’s rapid expansion and growing importance, the sector is characterised by a stark under-representation of women.
To date, little research in Australia has been undertaken into the exact proportion of women employed in the sector, what roles they are undertaking, and the reasons behind the sector’s unbalanced gender composition.
The sector’s limited female participation hinders its full potential. With a more diverse workforce, the sector could benefit from a broader range of skills, perspectives, experiences, and better problem-solving capabilities. Additionally, the sector could gain a richer understanding of human behavior and people’s needs. This presents a valuable opportunity for the sector to leverage.
Gender gaps in workforce outcomes can indicate biases and barriers. Therefore, achieving gender equity requires more than attracting more women and underrepresented groups to the sector.
It also involves identifying the factors that discourage them from joining or cause them to leave. The sector needs to create a genuinely inclusive workforce culture that values diversity as a strength and equity as a priority.
Dr. Leonora Risse and Dr. Maria Beamond from RMIT presented a slide deck at the AISA 2022 Cyber Conference in mid-October, which provides valuable insights into the statistics of women in the security industry.
By examining this slide deck, one can gain a deeper understanding of the current state of gender diversity in the industry and the challenges that still need to be addressed.
The full 2023 report is published on the My Security Marketplace website and can be downloaded here
