Exclusively at PrivSec Global on Tuesday 22 June, Debbie Evans will be participating in the panel debate: “Women and Diversity in Cybersecurity: Why Are We Still Having this Conversation?”
Debbie Evans began her career in data protection and privacy over 20 years ago. She is presently Group DPO at UK business services group, Rentokil Initial.
Debbie practiced as a barrister before moving into data protection and security consultancy, and has worked in many industries and sectors, including the public sector, banking, retail, insurance, medical, technology and environmental services.
We spoke with Debbie to learn more about how we can begin to address the imbalance, improve inclusion, and close the cyber skills gap.
Why aren’t more women involved in cybersecurity?
More women are getting into cybersecurity, but no doubt, it would be better to see more. The current situation is possibly due to a lack of understanding or fear of the wide scope of the role. Without more women being seen to promote cybersecurity and seen at the events, which are often attended by males of a certain demographic, a career in cybersecurity can be viewed as something for older men or “techies”, and can be a less attractive option.
Furthermore, it can be challenging to attend cybersecurity events at the best of times – diaries are full and workloads excessive. However, those in the know about the importance of developing networks and getting valuable insights from cyber-related events will find the time.
I have found it challenging to cram in work and initial networking events – juggling personal and domestic roles with additional work commitments that quickly stack up when you’re trying to find time for extra networking events.
Balancing priorities as a woman can be tough and time is precious. As such, the lack of high-profile women in cybersecurity may be due to capacity rather than capability/presence. Cybersecurity needs to be promoted as a broader role not just as something for techies.
What are the main challenges facing companies that aim to build diversity within cybersecurity?
The UK government is proposing an Employment Bill to address and respond to a report recently published by the Women and Equalities Select Committee: “Unequal impact? Coronavirus and the gendered economic impact”.
This law would make flexible working the default position, which wasn’t the norm and did cause challenges for working mums. The law would also extend redundancy protection to mums on maternity leave. Currently not all companies have the policies in place to encourage greater diversity, let alone provide support for women, particularly concerning mums or mums to be.
This change is going to be forced on companies that don’t provide the right support, and this enhanced flexibility may lead to a change of career choices for women.
What practical steps can companies take to make cybersecurity more attractive to women
Actually, I don’t think it’s down to companies, I think it’s a cultural thing; down to early childhood
development. These days, women are finding gaming and technology more attractive and more compelling to use, which is good because women need to be more confident and engage with technology.
Applications on mobile phones have been great for getting women interested in technology, too. Girls are getting creative with apps, using technology as a communication tool, and learning about security settings as they recognise the value of their privacy.
This is not necessarily true for all women, but I’m not interested in how something works, rather I’m interested in its use and benefit. Translating this into a cybersecurity world can be difficult when people in this space get bogged down with technical attributes rather than functionality.
Messaging in cybersecurity needs to accommodate a wider audience and not just focus on the technical aspects as that isn’t what excites everyone. To make cybersecurity more attractive to women the roles need to be presented in a broader context.
What will viewers take from your talk, “Diversity and inclusion women in cybersecurity, why are we still having this conversation?”
I’ve had a lot of people judge, and form opinions or make life difficult for me, particularly when trying to juggle my responsibilities as a mother. Even before having children I used to get a bit of abuse from male colleagues and this can make you feel quite self-conscious. However, believing in yourself and learning to take control of how you operate in work is essential.
When you work in an environment and you’re investing into that business, you need to feel that people actually respect you and will look after you. If you feel people are disrespecting you or not treating you fairly, then there’s absolutely no point in staying there anymore.
That’s how I feel about work environments, and cybersecurity. It’s not easy to feel you fit in, but when you find the right place it can be extremely rewarding and interesting. Job interviewers need to ensure that women aren’t put off by overly technical questions and ensure that everyone is given an opportunity to demonstrate broader skills that are valuable in a cybersecurity space.
You really want interviewers to ask you more about your approach, your views, your ethics and principles, and things like that, but the focus is always on technology and that worries me sometimes. Technology is the tool, not the operation.
Attendees of PrivSec Global can hear more from Debbie Evans in the panel debate: “Diversity and inclusion women in cybersecurity, why are we still having this conversation?” at 11am on Tuesday 22 June.
Broadcasting June 22-24, PrivSec Global is a free-to-attend, live-streaming experience that delivers the very latest stories, insight and analysis from the Privacy and Security landscape.