It won’t have escaped the attention of anyone who’s been along to previous RANT Forum events that the attendance is predominantly male. This isn’t much of a surprise, given that the majority of information security professionals are men. But why is this? And, given the way information technology pervades all aspects of society and is used just as much by women as by men, shouldn’t the industry be trying to make itself more inclusive and more accessible to women?
Those are among the issues that will be looked at during this month’s RANT Forum discussion, titled Breaking Into Security, where a panel of three presenters will look at whether women really face a challenge when they try to progress in the industry, or whether the challenges are already there before they even decide they’d be interested in working in computer security. The event is being co-hosted by the Women in Security Initiative, and will look at how two successful female professionals have made their names in information security.
“I can honestly say that [being a woman] has never really figured,” Sharon Conheady, a director at First Defence Information Security and a specialist in social engineering, tells the Acumin blog. “I think my RANT is going to be more about why people seem to get fixated on whether you’re a man or a woman in security – and what on earth has it got to do with it? As long as you’re doing your job properly it doesn’t matter.”
Conheady’s fellow RANTer – the leader of Shell’s Downstream information risk management team, Alison Greig – believes that one of the best ways the industry can make itself more welcoming to women is to fully embrace the potential for flexible working that networked computer systems bring. She also feels that more emphasis could be given to the women who have already succeeded in infosec roles, because her experience tells her that when a woman is promoted to lead a security team, more women are inspired to apply when other positions open up.
“To get the best people in we need to offer flexible working solutions,” she tells us. “There’s a lot of women out there who perhaps don’t want to come back to work from having maternity leave, or who have young children to take care of, and we need to be providing opportunities for women to return – working from home, working virtually, part-time work, term-time work. Why aren’t companies offering flexible packages to enable the best candidates to apply for roles?
“Also,” she continues, “if you’ve got senior women in information-security roles then you’re far more likely to get female applicants. When I came into this role I didn’t have information-security experience – I came in here as a manager of people. But after I started advertising positions, I had many more women applying than had previously applied for the role when my position was taken by a man. Women tend to think that if other women can do it, then so can they.”
Raj Patel, the manager of an operational security team at Société Générale who is responsible for infosec and governance across the UK, Europe and the Middle East for the banking group, is in agreement. Patel, who has the unenviable task of moderating the RANT discussion this month, feels that women have a great deal to offer to the sector, but may not realise it.
“People don’t know what they don’t know,” he says. “I think with the shortage of skilled professionals – both male and female – we should be looking at opportunities to cater for a pool of people that might be interested in those fields. When people talk about information security, I think their natural tendency is to look at it from a technical perspective: but the reality is that while it’s technical, it can be audit-based, it can be risk-based, it can be governance-based – it’s such a big field now that you don’t need to necessarily be overly technical to enter it.”
So, how can the infosec industry make itself more accessible to people who, presently, may have skills that are in great demand, but think that the job is all about coding and hacking, so they wouldn’t even consider applying? What are security teams missing out on if they’re not casting the net wide enough to attract women into what are often male-dominated workplaces? And how can the industry do a better job of highlighting the many women who have made it to the top of the profession, and use their examples to inspire others to follow them? All these questions, and more, will be raised at this month’s RANT Forum, and we’re hoping you’ll have some thoughts and ideas that can help answer them.
As usual, we’re in the City on the last Wednesday evening of the month. So that’s February 26, with doors open from 5:30pm and the presentations due to start at 6:30. For details of the venue, and to reserve your place, please contact Gemma Paterson at Acumin on either +44 (0)20 7510 9041 or firstname.lastname@example.org . RANT events invariably sell out, so although admission is free, it’s essential you book in advance, and best if you do so soon.