Improving gender representation in Australia’s cyber security workforce

Improving gender representation in Australia’s cyber security workforce

RMIT research has provided greater insights into gender-related workforce challenges faced by the Australian cyber security sector and identified ways to expand and diversify the talent pool.

SDGs

SDG 5 Gender equality
SDG 5 Gender equality
SDG 17 Partnership for the goals

A multidisciplinary RMIT research team partnered with the Australian Women in Security Network to complete the research.

RMIT’s Centre for Cyber Security Research & Innovation (CCSRI) in partnership with the University’s Centre for Organisations and Social Change (COSC) brought together a team of academics with backgrounds in cybersecurity, organisational psychology, economic, management and human resources to examine the gender issues facing the cybersecurity sector.

The resulting report highlighted the stark underrepresentation of women in the cyber security workforce.

Gender Dimensions of the Australian Cyber Security Sector was the first in-depth look into the industry’s gender make-up, where according to the 2021 Census data women only represented 17 per cent of the cyber security workforce.    

Minister for Home Affairs and Minister for Cyber Security, the Honourable Clare O’Neil MP, officially launched the report at an industry roundtable to discuss the findings and steps towards a more inclusive cyber security workforce for women in Australia.

Research in context

Cyber security has become an increasingly critical issue for government, business and education sectors. However, it has become clear that the Australian security industry is facing a skills crisis, with diversity being a critical area for improvement.

Professor Matt Warren, Director CCSRI, said researchers from RMIT and the Australian Women in Security Network partnered to investigate the underlying reasons for women’s under-representation in the industry.

He said the team also worked to identify evidence-based approaches to expand the Australian cyber security sector’s talent pool and equip it for future challenges and demands.

 

“While it has been widely remarked that women are under-represented in this sector, there was relatively little data available on the exact number of women in Australia’s cyber security workforce, their experiences and the roles they were filling,”

“In the wake of growing global security staff and digital skills shortages, this situation was particularly concerning,” Warren said. 

Research reveals more accurate picture of Australia’s security workforce

The research team began with a review of existing literature about women in the cyber security workforce and an analysis of data from the previous three ABS censuses. They then analysed the newly released 2021 Census data, which included occupational categories specifically for the cyber security sector. The study was the first to provide this gender analysis of Australia’s cyber occupations.

The team subsequently conducted a national survey to hear directly from people of all genders about their personal experiences, perceptions and attitudes in the sector.  Respondents answered questions about their current job, education and training, their inspirations, role models and mentors, and their perceptions of the industry.

The resulting Gender Dimensions of the Australian Cyber Security Sector report was launched, giving the Australian cyber security sector a clearer picture of women’s representation and an understanding of the factors that enable and impede their career participation and advancement. Its recommendations emphasised the importance of de-biasing work cultures and adopting evidence-based approaches to enhance inclusivity and diversity in the sector’s broad systems and culture.

Key findings

  • Women comprise around 17% of Australian cyber security occupations in 2021
  • Although underrepresented in the sector, the number of women in specialist ICT security roles increased fourfold from 2016 to 2021, compared to a threefold increase for males
  • Over 50% of female respondents were strongly motivated to join the sector to make a difference in society, compared to 44% of male respondents.
  • Women in cyber security come from a wider spectrum of educational backgrounds than their male colleagues
  • About half of female respondents had IT qualifications, compared to two-thirds of their male counterparts
  • Only 27% of women in the sector reported having a role model or mentor of the same gender, compared to over 50% of men who reported having a male equivalent.

CCSRI Director Matt Warren said the wider spectrum of educational backgrounds and motivations brought by females were valuable for diverse approaches to problem solving, however the low level of women’s participation means the sector is still not operating at its full potential.

Despite the rapid expansion of the cyber security workforce, the sector is characterised by a stark under representation of women. To achieve gender equity in the industry we need to understand the factors that deter women from joining or cause them to leave the sector and commit to fostering a workforce culture that embraces diversity as a strength.
Professor Matthew Warren Professor Matt Warren, Director CCSRI

Recommendations for supporting greater gender equity and diversity in the sector

Recommended actions outlined in the report included:

  • Conduct data collection and analysis on gender equity, diversity and inclusion in the organisation
  • Develop and implement appropriate policies and programs that target workplace culture
  • Adopt duty-of-care approaches to eliminate workplace toxicity
  • Use recruiting and promotion practices to address implicit biases in existing systems, such as using a language decoder to remove gendered language in job advertisements
  • Role model a willingness to learn
  • Demonstrate commitment to a zero-tolerance approach to sexual harassment.
  • Ensure committees, boards and panels are inclusive and representative
  • Analyse educational content for gender bias and stereotypes
  • Call out gender stereotypical images/terminology.

Research impact

Jacqui Loustau, Executive Director and Founder of AWSN, found the research valuable in validating the organisation’s work to date, and in sparking new initiatives to address both intake and retention of women into the cyber security sector.

 “This study was really important to create a benchmark, so that we can understand whether or not we’re progressing and whether more effort is needed in a particular area,” said Loustau.

“That 17% has been important as a talking point, and as a metric to build on. That has already been a game-changer.

“It is a whole-of-industry effort. Collectively we are making a difference and you can see that in the data, which is really powerful,” she said.

To protect all Australians, the security workforce needs all types of people thinking innovatively, stopping threats, and advocating for security.

“This report will lead the way in what we can do more effectively to attract and retain a more diverse workforce for generations to come.”

The AWSN’s involvement in the study was facilitated through sponsorship support by the Australian Signals Directorate, Australia's foreign signals intelligence and security agency.

Research recognition

CCSRI was awarded the Researcher of the Year prize for their outstanding work on the project at the 2023 Australian Information Security Association (AISA) Cyber Security Awards. 

Next steps

In phase two of the project, the research team is investigating the factors that influence the low participation in and departure of women from Australia’s cyber security workforce. Through a literature review and qualitative research, this next phase is expected to give further insights on how broader cultural factors and practices including organisational policies and strategies can affect and improve the retention, recruitment, and management of women in the field.

Key research objectives are to:

  • Identify gendered barriers and enablers to improving the recruitment and retention of women in the cyber security profession.
  • Develop a deep understanding of the multi-faceted reasons women leave the cyber security profession.
  • Gain insights into the lived experiences of women in the cyber security sector, focusing on challenges and opportunities for improvement.
  • Explore the potential interventions and strategies for organisations to implement to enhance gender diversity and retention of women in the cyber security workforce.

Key contacts


Phase II of this research project contributes to the study of gender in Australia's cyber security workforce by:

  • Investigating the current and future shortage of skilled professionals in the cyber security industry, focusing on why women leave these jobs.
  • Identifying how factors that help or hinder women relate to workplace culture and practices, and how changes in policies and strategies can improve the retention, recruitment, and management of women in the field.

Read related RMIT impact stories


Connect with RMIT Research

If you're not sure how you can best work with us, our team can explain what's possible and put you in touch with the right person. 

aboriginal flag
torres strait flag

Acknowledgement of Country

RMIT University acknowledges the people of the Woi wurrung and Boon wurrung language groups of the eastern Kulin Nation on whose unceded lands we conduct the business of the University. RMIT University respectfully acknowledges their Ancestors and Elders, past and present. RMIT also acknowledges the Traditional Custodians and their Ancestors of the lands and waters across Australia where we conduct our business - Artwork 'Sentient' by Hollie Johnson, Gunaikurnai and Monero Ngarigo.

aboriginal flag
torres strait flag

Acknowledgement of Country

RMIT University acknowledges the people of the Woi wurrung and Boon wurrung language groups of the eastern Kulin Nation on whose unceded lands we conduct the business of the University. RMIT University respectfully acknowledges their Ancestors and Elders, past and present. RMIT also acknowledges the Traditional Custodians and their Ancestors of the lands and waters across Australia where we conduct our business.