Women in cybersecurity: shall we talk about it?

Women in cybersecurity…everyone is talking about it, many are becoming agitated, but few people are truly and efficiently acting. The word “feminisation” has become a buzzword and talking about women’s role in the cybersecurity sector (as in other predominantly male professional areas) has in many respects become a commercial argument, or at least a marketing one. Hence, every event must now devote a part of its program to this subject. Every magazine needs to have an article about it. Every organisation needs to have a project or an initiative, or at least appoint an “ambassador”. Not to mention the countless hashtags and campaigns on social media.

Though speaking about the still too weak position and insufficient value of women in cybersecurity is essential in terms of awareness, it goes without saying that such speech must be followed by concrete initiatives in order to really move the cause forward and initiate a lasting change.  Indeed, one can observe a clear gender imbalance in this sector, on almost every type of job (technical, political, governance, training…)[1]. And there is still a lot to do in the field to allow a real rise in women’s power and responsibilities, without having them blamed for being arbitrarily promoted on the basis of a controversial “positive discrimination”.

The International Cybersecurity Forum (FIC), on its side, wants to be part of those who act rather than those who talk about it, but some of our initiatives in this matter have slipped under the radar. For example, certain participants have regretted that we refused several times to put on the agenda of the FIC a workshop or a contribution devoted to women’s role in cybersecurity. This would have allowed the event to “tick the box” and fulfil this politically correct requirements. But we refused to content ourselves with a simple superficial trick intended to gain followers. Unsurprisingly, the role of women in cybersecurity is a cause that is particularly dear to our 10-member-team, which comprises 7 women. This is why we constantly work to move it forward.

For instance, each year, we try to increase the number of female speakers in the panels for which we are responsible for selecting the participants (workshops, master class, plenaries), with ever more ambitious objectives yearafter year. Our aim is to recall—or rather demonstrate—that women are obviously able to talk about the same subjects, and with as much delicacy and discernment, as their male counterparts, rather than reduce their skills and their scope of intervention…to themselves, restricting them to workshops dedicated to women’s role in cybersecurity that would mostly allow to take a nice family picture and to tick the “feminisation” box.

Of course, progress is slow, and results are still insufficient: In 2019, we had 37 female speakers for the workshops and masterclasses, i.e. approximately only 20%. However, progress is not insignificant since they were 10 more than the year before. This year, we also welcomed high-level female speakers: Florence Parly, Secretary of State; Mariya Gabriel, European Commissioner; Stephanie Vanroelen, hacker; several female representatives of key civil society organisations (Eleni Kyriakides from EPIC and Stella Dineva from OWASP). Moreover, the plenary sessions were moderated by Julia Sieger, a female journalist from France 24. And another woman, Elly Van Den Heuvel, former director of the Dutch cybersecurity agency, is currently chairing the recently established FIC Advisory Board. This is certainly not enough, but which event of this sector can claim to have as many high-quality women?

We will thus continue our efforts in order to make the 2020 edition and the following even more inclusive, more “gender-balanced“, but always with a “gradual” approach—slowly but surely—because we know that revolutions are fleeting and in contrast, we yearn for a real, lasting and permanent change so that we won’t have to discuss this subject any more.

Amélie Rives

[1] Among the many studies on this subject: https://iamcybersafe.org/wp-content/uploads/2017/03/WomensReport.pdf