International consulting firm Deloitte is launching a global campaign to encourage firms to hire and promote women in cybersecurity roles.
The first global campaign in the company’s ongoing Women in Cyber program was announced earlier this month and is being supported by local Deloitte branches around the world. It officially launches in Canada on June 1, said Beth Dewitt, a partner and board member of Deloitte Canada and leader of the global campaign.
Initially, it includes 14 videos of women who work in cybersecurity-related positions at Deloitte around the world. Over time it will also include articles, blogs and podcasts featuring interviews with Canadian women and their careers and learning opportunities. There will also be seminars and webinars featuring Deloitte and its clients talking on a variety of cybersecurity topics such as how they solve cyber challenges.
In an interview, Dewitt said the campaign partly is to encourage employers to hire more women to solve the shortage of talent in cybersecurity, and partly to let them know of the importance of hiring people who may have a different point of view, a different way of solving problems.
“Representation [in an organization] is really important,” she explained. “To change systems of power or recruit more people into an industry or get more voices at the table it comes down to representation. “People need to see and believe their voice matters and that people like them exist. People need role models, people need others to look up to, to have paths to follow.
“This campaign is unique because it takes our own models and professionals and says, ‘Come join us. We need more like us, and more like you.’ That is meant to be at Deloitte, and in the cybersecurity profession as a whole.
“For me, this campaign is about showing others that your experiences and your background – what you look like, where your grew up, who you are – all matters, and it fits at this place, and in the industry as a whole.”
Why aren’t there more women in cybersecurity?
There are a number of surveys on the cybersecurity talent shortage but no one doubts that men are over-represented in IT in general and cybersecurity in particular. Deloitte quotes one study predicting predicts that women will hold 25 per cent of cybersecurity jobs globally by the end of 2021. It also cites a 2019 study by the International Information System Security Certification Consortium (ISC) saying the global cyber workforce would need to grow more than 145 per cent to meet the job market’s demand.
Dewitt admits that despite the demand and the possibility of high-paying jobs, cybersecurity carries a reputation of a technical and male-dominated industry where people sit in front of screens round the clock. So the big barriers, she said, are not seeing many women in leadership positions, and the sense by many that a technical background is needed for a career.
It wasn’t for Dewitt. She earned a graduate degree in social anthropology before being hired by an IT privacy boutique and ended up focusing on privacy and the heathcare sector. Eleven years ago she was hired by Deloitte. Now she’s a partner in the cyber risk advisory practice, leads the national data protection and privacy practice.
Dewitt admits she wouldn’t volunteer to do a job requiring computer training. But she is qualified to advise why a certain cybersecurity strategy or technical work is needed in a particular organization.
“Because cyber is everywhere it requires a broad set of experiences and perspectives to help identify potential risks and cyber solutions,” she said. “People need to understand that it is no longer a profession for those with only a computer science degree. Professionals with backgrounds in anthropology, economics, business, HR and other disciplines can apply their problem-solving skills and perspectives to cybersecurity. A team that includes women with diverse backgrounds and views can help an organization think through ‘the art of the possible’ when solving challenges.”
Emily Mossburg, Deloitte’s global cyber leader, said that the industry has to “expand the vernacular” used around careers in cybersecurity. Roles such as ethical hackers, data privacy professionals and cyber strategists should be made more visible.
“We have to break down the common misconceptions about the type of work that exists for cyber professionals and the type of experience you have to have to do that work,” she said.
In her career, Dewitt says she has sometimes faced assumptions about what she could do based on what she called the unconscious bias of what women are good at. That included being questioned about if she was able to take on certain tasks because she had young children. She has also seen women sidelined or silenced because of who they are or the way they say things.
On the other hand, she added, more organizations are becoming aware of sexism and are putting in strategies to address it.
Canada is “a work in progress,” she said, noting there are a number of women with leading cybersecurity jobs. However, there is “much more to do.”