Share this article on:
The Australian cyber security industry could stand to benefit greatly from creating a more inclusive and diverse industry, according to a new RMIT report.
The Gender Dimensions of the Australian Cyber Security Sector report was released today (3 April), authored in collaboration with RMIT’s Centre for Cyber Security Research and Innovation and the Australian Women in Security Network, with the support of the Australian Signals Directorate.
The report is based on the findings of a survey of 660 women and men in the industry, with 77 per cent of them currently working in cyber security. The report also calls on employment data from the Australian Bureau of Statistics, particularly the 2021 census, which was the first to specifically list five discrete occupations in cyber security.
Broadly speaking, the report finds that bringing more women into the cyber security workforce would increase could boost innovation and help the industry operate at its full potential. The women currently in the industry tend to have a broader range of skills and bring different mindsets to the table, helping create new ways to address old problems.
The challenge, however, lies in creating workplaces that support women and that are able to keep women happily employed and in the industry.
“Achieving gender equity is not just about striving to attract more women and underrepresented cohorts into the sector,” the report stated; “it’s about understanding the factors that deter them from joining or cause them to leave the sector. It’s about the sector committing to fostering a workforce culture that is genuinely inclusive and that embraces diversity as a strength and equity as a value.”
Currently, only 17 per cent of Australia’s cyber security workforce are women. That number is trending upwards, however; the number of women entering the workforce is growing slightly faster than the number of men. The report also notes that 3 per cent of the industry currently identify as non-binary or gender-fluid. This number is not high enough to draw any useful conclusions from, but RMIT feels there is certainly room for more research.
The motivations for joining the industry also differ between men and women. Women are more likely to get into cyber security so as to have a positive effect on society and are more likely to be influenced by their parents when it comes to choosing a field of study. However, they are less likely to want to get into the field merely to utilise their skills.
One thing the report notes is that the cyber security industry is very well placed to address the issue of attracting more women into the workforce.
“The cyber security sector is inherently adaptive, iterative, forward-looking and innovative in nature,” the report noted. “These characteristics mean the sector is more likely to be willing to evolve and is less constrained by traditions and conventions which have been shown to be key traits that make a difference in achieving progress on gender equity.”
“As a rapidly growing area, the cyber security sector has a promising opportunity to take intentional action now to shape its culture to be one that is gender equitable, inclusive and embracing of diversity, and to capitalise on the business benefits of making this shift.”
The shift does require some work to achieve, work that is shared across business, government, and even the media.
The report has more recommendations than can be easily listed here, but key among them include the need for businesses to create more inclusive and welcoming workplaces rather than expecting women themselves to adapt or change themselves to fit. Businesses need to do away with toxic workplaces and set clear goals to achieve more equitable outcomes.
Gender pay gap audits are also important, as well as promoting the ability to up or reskill in different areas.
Business leaders also have an important role to play, both as role models for positive behaviour and leaders of change itself.
Government can address the issue by baking equality and diversity into policy decisions, as well as funding gender equity initiatives, while industry associations can make sure that boards are more inclusive, for instance, and that events feature dedicated streams exploring gender equity.
Educational institutions also have a role to play, by removing gender biases from coursework and by creating more networking and support initiatives. The media can be a part of this positive change, too, by hiring more female journalists in the field and calling out gender biases and stereotypes.
“A whole-of-sector approach is needed to expand the capacity of the cyber security workforce and achieve a more gender equitable and inclusive sector,” the report said.
“All dimensions of society — employers, organisational leaders, government, educational bodies, the media, and the wider community — have a role to play in making changes in their policies, practices and attitudes in relation to gender inequity.”
Minister for Cyber Security Clare O’Neil helped launch the report at an industry round table today.
“Its recommendations can help put us on the path to achieving gender equity in the sector — without which, we won’t be able to achieve our true cyber security potential,” said Minister O’Neil.
You can read the full report here.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.