Women in Cybersecurity: It’s time to get more diverse

Post hero image

Table of contents

Norwegian IT leader Kristin Helen Andersen tells us how gender balance and diversity drives innovation

Last week the yearly Women in Tech Festival took place online, due to obvious reasons. As a young woman entering her first professional role in the cybersecurity field only eight months ago, I found the sheer existence of this event both exciting and eye-opening. Why do we need a yearly festival for women who work in the tech industry? I decided to dig deeper into the topic and get a wider understanding of why the tech industry’s stereotypical avatar remains a basement-dwelling male nerd coding on his computer, and not a woman in her basement doing the same thing. And without any sprinkles of pink glitter on it, thank you.We all know that tech and cybersecurity is a fast-changing, awesome industry to work in and it's actually set to be worth $372.4 billion  by 2028 (Cyber Security Market Trends & Growth Report, 2021). When you look at it like that, it’s ironic how very few people can name a famous female working in tech. Especially when women have featured so proudly in the story of cybersecurity and tech.Women were playing central roles in cybersecurity back in the 1940s, when the computer industry was still in its infancy. During World War II, a group of women called the Code Girls cracked German and Japanese codes to help win the war. This group comprised 10,000 female students from Seven Sisters college that worked on wartime intelligence behind the scenes as part of a secretive wartime government project (Tewari, 2021). And this was only the beginning of women in cybersecurity.Despite this, as many as 78% of students in the UK can’t name a famous female working in tech. Only 16% of females have had a career in tech suggested to them vs. 33% of males, and only 5% of leadership positions in tech are held by women and as little as 3% of females say a career in tech is their first choice (PwC UK, 2021).

women in cybersecurity kristin helen andersen

Interview with Kristen Helen Andersen, Vice President IT (G2 Ocean, Gearbulk & Grieg Star)

I had the incredible opportunity to chat with Kristin Helen Andersen on her own trailblazing path to IT and cybersecurity leadership. Kristin works at the interface between business culture and IT functions, where she explores new opportunities to change traditional ways of working with the use of new technologies. In recent years Kristin has led digital strategy and projects with a special focus on transformation. She has been used as strategic adviser in top management for choices of new platforms and modern solutions. Kristin has 15 years of experience working with technology driven management.As tech is not the most obvious career choice for most women, I wanted to ask Kristin how she ended up in senior leadership in the tech industry.Q: Can you tell us how you wound up on your career path to IT leadership?KHA: It was a bit random really. I had a PC in my room already in the 90’s, and therefore it became natural for me to test it out. From there I have always had an interest to test out new technology as soon as it was available. I would like to say that I’m a “fast runner” when it comes to new technology! Onwards from there it became natural to get an education within the field. My obvious choice was information science at University of Bergen, which goes beyond only the technical side. I also got to learn about educational approaches to development, design and usage of our systems, as well as IT strategy. I have now worked as leader for several different IT departments throughout the years and cybersecurity is a natural and important topic of focus in my workday.

Cybercrime is shooting to the stars – how can diversity strengthen the shield and decrease the human risk factor?

Since the pandemic broke loose one and a half years ago, the number of threats and new methods for cybercriminals to work has expanded beyond what we could have ever expected. As cybercriminals change their ways of working, isn’t it time for the industry to change their way as well? The industry is in need of a stronger shield, and diversity is the answer in how to do so. Diversity brings different views, thoughts and strengths to the table.Q: What has your experience been like as a female in senior leadership, in a male dominated industry, and why is diversity so important?KHA: I’ve been in several different industries where I have worked with technology, and I think we can experience being a woman differently in all industries that are clearly male dominated. I would guess it feels the same for men who work in female-dominated industries as well. That’s why balance is so important, regardless of the industry. In my everyday work life, I wouldn’t say there’s a huge focus on me being a woman, and I don’t feel like I’m being treated differently than my male colleagues. But I can experience it differently in other settings, where people don’t know that I’m the IT leader.  I’ve experienced several times when people are approaching the male members of my team instead of me, as it seems to be expected that one of the men are the IT leader, and not me as the only woman on the team.Q: How does diversity drive innovation?KHA: As I mentioned, I think it’s very important with gender balance. In the same way, balance is important when it comes to age and cultural diversity. Diversity is so important in order to drive change and innovation, and that’s really what tech is about. If we’re too similar, then I don’t think we’re asking as good questions or challenging each other as needed. There's a bigger chance to establish an environment where we’re just mirroring each other instead. I might have a bigger focus (than the traditional IT leader) on the development of our employees and that they all need to grow in their roles as employees and leaders, and I have completed WS with focus on team and culture on a regular basis. I wish for the employees in my teams to be as focused on being a good colleague, as they are on being good operative IT technicians. This brings more value also for the organization when we back each other up and focuses on having a good company culture.

Cybersecurity as a business strategy

Never-ending digitalisation and the tech industry’s continued boom throughout the pandemic is creating new jobs, and with them, opportunities for new faces to breathe fresh air into innovation--decreasing the risk of stagnation and, as Kristin mentioned, group think. Cybersecurity no longer operates in isolation; it’s strongly linked to business and business strategy.Unfortunately, cyber criminals are also innovating, and bringing fresh and diverse thinking into cybercrime. From a business development perspective, they’re social engineers with a genius business mind. This is the gap in the industry I see being filled more inclusively, with tech changing from male- dominated to more diverse. You no longer need to be that code guy in the cellar to understand how social engineering works. Cybercriminals are pretty much operating in the same way as the sales and marketing departments of legitimate businesses. The goals on both sides of the law are creating engagement and getting someone to click that link.Q: What are the biggest current challenges facing cybersecurity and how can we all best avoid clicking all those malicious links?KHA: I think it’s great that we have gotten so far and that we finally have a proper focus on cybersecurity! For many years, cybersecurity was considered as part of the infrastructure, and it was hard to get the budget and resources for it. Today it’s a focus also for senior managers. One of the main challenges right now is the speed it requires to stay up to date with the developments in cybersecurity. Our job is to be one step ahead, and that requires us to have the knowledge it takes, and the willingness to adapt and to stay up-to-date on solutions and methodologies that are crucial for protecting the company against threats. It’s important to stay on top of the newest trends, the biggest actors and last but not least, to get yourself out of technical debt, which often can make the work more complicated. Continuous training of the employees and to focus on having a good cyber hygiene is extremely important, as the people are at the front line when it comes to cybersecurity!


Read more expert interviews

Want to learn more?
Be sure to check out these articles recommended by the author:
Get more cybersecurity insights like this