Women in cyber security: Changing pathways and perceptions
Women in cyber security: Changing pathways and perceptions

The Cyber Security Challenge held its first regional cyber day in the North East of England last week, which focused specifically on encouraging more women to consider a career in the industry.

The vision behind these regional cyber security days is that people with talent, whoever and wherever they are, can be encouraged to explore information security as a career.

Judy Baker, chair of the board for Cyber Security Challenge UK, introduced the day – which was held at the Gateshead Northern Design Centre - and hosted the panel discussion. Her passion for the subject was evident throughout.

Judy spoke of Cyber Security Challenge's aim to create regional hubs across the UK, with universities or professional bodies at their core, as a means of bringing those working and interested in the industry together. Part of the impetus for this aim stems from the observation by Cyber Security Challenge that, although not in any way dependent on geography, the national challenges which Cyber Security Challenge run attract a disproportionate amount of entries from the South East of England compared to the rest of the UK.

I was invited to open the panel and it was an honour to share the stage with some very successful and diverse women working in the field. I spoke about why I love this industry, about the people-focused nature of my work and about the excitement and satisfaction that comes from working in an industry where new challenges emerge daily and you are constantly learning new things.

Lesley Majoribanks, who works in security and resilience team for the Royal Bank of Scotland, spoke with enthusiasm about the variety of jobs in her organisation from mapping DDoS solutions and working in penetration testing to fighting cyber-fraud. Lesley's talk truly demonstrated the diverse nature of this industry and the fact there are jobs for people with wide-ranging skill-sets. Sharon Moore, who works for IBM, went onto stress the importance of networking and mentoring in her presentation while a lady named Helen, a senior engineer from GCHQ, gave great insight into working for an intelligence agency.

However, the stand-out star of the day for me was Juliet Armstrong, a sixth form student who spoke eloquently and intelligently about the importance of cyber security to everyone. She discussed the extent to which so many of her peers use the internet to share photographs and communicate, but without really considering the privacy and security implications.

In addition, she spoke about the varied nature of the subject and of the need for schools to recognise this; it was something on which I think we all agreed - that cyber security should not simply be regarded as a subset of IT. Juliet has contributed to The Analogies Project and their presence at the 'Girls into Cyber' event was hugely valuable: unpicking cyber security issues by using analogies, the subject becomes so much more accessible to all.

Following the panel, a discussion on how to develop pathways in to the industry was the focus of the question and answer session with the audience. The need to start young, engage parents and teachers and to tackle cultural issues (the underlying notion that girls aren't interested in technical subjects) demonstrated that all of these efforts, and more, should be pursued in parallel.

A theme throughout the day was not only the diversity of the industry and the skills of those working in it, but also the extent to which serendipity had played a large part in all of our career paths. It's something I'm very aware of: as a young woman originally from the North East, and a sociologist by training, I would not have considered cyber security as a career had I not been head-hunted for a role in the industry. 

It is this reliance on serendipity which Cyber Security Challenge hopes to address with their emphasis on attracting more regional talent and more women and girls into the industry.

Dr Jessica Barker is an independent cyber security consultant.