It is no secret that women are significantly underrepresented in the cybersecurity workforce, and in IT more broadly. While female representation in CISO and cybersecurity roles globally has slightly increased over previous years, CAUDIT’s 2022 cybersecurity benchmarking noted a decrease in the number of women in the Chief Information Security Officer (CISO) or equivalent positions within the sector. According to 2022 industry research and the latest I(ISC)2 Women in Cybersecurity report, women only represent 25% of the global cybersecurity workforce, and even less in cybersecurity leadership positions. While improvements have been made, there is still a long way to go and changemakers such as Nivi Newar, Head of Cyber Security Strategy and Governance at UNSW, are driving progress for women across the sector.
**Developing a tangible Uplift**
After noticing the impact that the pandemic was having on preventing women from entering the cybersecurity workforce, Nivi made it her mission to address this. “Higher education became the highest attacked industry in 2021 and Boards were asking CISOs how they were going to reduce exposure and risk. Before the pandemic it was a five-year program to execute on risk reduction – this was crunched to two and a half years. Pre-covid, we were working as an industry to lift women into cybersecurity roles. The acceleration of this [risk] timeline preferred individuals with subject matter expertise. There was no flexibility or time to onboard and train people and women were adversely affected by this” says Nivi. After doing some research on CISM training, Nivi realised how she could have a significant impact on the presence of women in the cybersecurity workforce. “When you typed CISM on LinkedIn you wouldn’t find females. Only 10% of CISM holders in Australia were women. I had spent 2021 training a small group of women for CISM and decided to scale the program to reach more women. If we could get women to obtain their certification, that might be enough to give hiring managers more confidence”. Nivi interviewed some hiring managers to find out for certain, and the overwhelming answer was yes. The Tangible Uplift Program was born. The seven-month program is designed to empower fifty women to complete their CISM training and certification exam. The program includes mentoring and training, as well as access to relevant ongoing training programs following the CISM. Jalpa Bhavsar, Associate Director, KPMG, is currently participating in the Tangible Uplift Program. Jalpa talks about the impact this “one-of-a-kind program” is having on participants; “Work-life balance often prevents women from completing these certifications and with this encouraging environment, where we are surrounded by women in the same situation, we are empowered to achieve this and obtain the equivalent skills so we can pursue leadership”.
**Meaningful change requires champions**
In developing the Tangible Uplift Program, Nivi sought the support of several champions of change with the resources to enable her vision of driving broader change across the sector. Greg Sawyer, CEO and Niki Peever, Director of Cybersecurity at CAUDIT, were two champions of change that supported the Tangible Uplift program by providing access to the CISM training course which CAUDIT recently finetuned with IT Masters. “When Nivi came to us with the idea of the Tangible Uplift Program we were on board from the start. Diversity is crucial to building high-performing teams and the process is a journey, not a destination. Initiatives like the Tangible Uplift Program are fantastic to start the conversation and bring awareness to the movement, and they equip a cohort of women with the fundamental skills needed to be successful in their careers. We are faced with a very challenging time in cybersecurity: constant evolving threats, budget constraints, recruitment, and retention difficulties. We need to work together to be successful, and we need diversity to do this effectively. I believe bringing people with different perspectives and abilities to the equation is crucial to uplift our cybersecurity profile” says Nikki Peever, CAUDIT’s Cybersecurity Program Director.
**Building a sustainable movement to drive change**
The Tangible Uplift Program is much more than a certification course; it is a movement. Nivi designed the tangible uplift program with sustainability in mind. The program requires a significant time investment, which Nivi has put forward for the inaugural year, and each year, the program will continue under the leadership of recent graduates. “This is not a one-year program, this is a movement. The women involved in the program will be ambassadors of change. They are not just doing the certification; they are becoming the catalyst of change for other women to see and be empowered by” says Nivi. Jalpa Bhavsar recognises the role this program will play in fostering gender diversity in the workforce “there is no scarcity of women starting in the workforce, but as we progress through the hierarchy of the corporate ladder, females drop out far more than males do and there are very few at the top. We need role models that we can look up to. This program is going to help create a pipeline of women who are ready for these leadership roles” says Jalpa.
**Recognising the value of diversity requires a culture shift**
While women like Nivi, Jalpa and Nikki are playing a critical role in championing the importance of diversity in the workplace, leaders must embrace the responsibility of driving cultural changes across their organisations. “We have seen the impacts of the pandemic on gender diversity. After years of slow but positive change, the pandemic stalled, and in some cases reversed the gains. To adapt and grow, we need diverse thinking and diverse leaders. Leaders must walk the talk to make diverse workplaces a reality” says CAUDIT CEO Greg Sawyer. For the first time since the CAUDIT Leadership Institute began in 1998, this year the program had an equal number of male and female participants. “If we are not achieving gender diversity on the CLI, then we are not doing what’s needed to ensure the next generation of leaders are gender diverse. This important moment could not have been achieved without the institutions who put forward the nominations supporting positive change” says Greg. As we work to improve gender diversity across the sector, we acknowledge that this is just one aspect of diversity that needs work and attention and that the more diverse and inclusive we can make our workplaces, the better they will be. As Jalpa states, “we need to educate everyone on the benefits of diversity in the workplace, not just gender diversity but all kinds of diversity so that everyone becomes a champion”.