The UK’s National Cyber Security Centre (NCSC) and consultancy KPMG have formally kicked off their second annual study into diversity in the cyber security sector, with the emphasis on capturing new benchmarks on disability and neurodiversity.
The inaugural study, conducted this time last year, found encouraging evidence that the proportion of women in cyber roles was higher than in general tech roles (31% compared with 19%), that about 10% of cyber professionals identified as lesbian, gay or bisexual, 1.3% trans and 1% non-binary, and that ethnic diversity in cyber was about on a par with the general UK population.
But when it came to inclusion – whether or not people feel free to bring their authentic selves to the workplace – the cyber sector has work to do, it said.
The NCSC and KPMG said they reaffirmed their joint commitment to transform the industry into an exemplar of best practice around diversity and inclusion, hence the inclusion of disabled and neurodiverse people.
“The cyber security industry plays a vital role in keeping us safe, but we know it doesn’t reflect the communities it serves,” said NCSC CEO Lindy Cameron.
“Our second Decrypting diversity survey will help us build on the collective understanding of where the sector is falling short, allowing us to break down barriers to ensure that there are opportunities for all.
“We know that a welcoming community and greater diversity leads to more innovation and better outcomes for the UK, and the NCSC is committed to helping transform the cyber security sector into an exemplar of best practice.”
Jonathon Gill, head of aerospace and defence at KPMG UK, added: “Diversity and inclusivity must sit at the heart of our cyber security industry if it is to continue to thrive, facilitating the representation of different experiences and world views and attracting the brightest talent from across society.
“This survey represents a continuation of our journey with the NCSC to uncover the opportunities to drive positive change and further our roadmap to creating a more inclusive sector.”
The NCSC said the evidence strongly suggests that a more welcoming and inclusive community encourages greater diversity, more innovation and better outcomes, all helping to reinforce the UK’s security posture.
It has already begun to put the recommendations of, and learning from, last year’s study into effect, introducing a new outreach officer role, designed to encourage people from under-represented groups into security.
Other recommendations from the 2020 study include encouraging cyber security leaders to take more accountability for diversity and inclusion inside their organisations, and for the security sector to improve how it learns about best practice from inside and outside the industry.
Data from the 2021 update will also be used to identify and act on areas that need further improvement. To this end, all security professionals – whether or not they identify as disabled or neurodiverse – are invited to take part in the 10-minute anonymous survey.