Empowering women to lead in cyber security

When I joined Quorum Cyber in 2020 I knew it was a company that encourages everybody to keep learning, whatever role they have. So when our Chief People Officer John Wallace suggested I’d get a lot of value out of joining the next cohort of members on the ‘Empowering Women to Lead Cyber Security’ spring programme, I accepted right away. As Head of Engineering, I thought it would be a great chance to meet women in similar roles outside of our company and see what I could learn and contribute.

Running from March to June 2022, it’s a cross-industry leadership development programme for aspiring female leaders in cyber security in Scotland. It’s a new initiative from the Scottish Digital Academy, Scottish Government and ScotlandIS.

There are 22 emerging and/or aspirational women leaders in my cohort, representing the private, public and charity sector organisations. It’s great that we come from different backgrounds because we see things from more than one perspective.

Being open minded and actively listening

My intention from the start was to be open minded and not go in with any expectations of what I was going to get out of it. It was nice just to turn up, soak it all in and see what came out of it. To be honest, I’m usually always quick to jump in with my own experiences and advice and say, “Oh yeah, I’ve done that” and “You could do this and this.” But actually, just standing back and listening to other participants was the best approach for me.

The skills that the programme has taught us, such as how to ask powerful questions and listen actively – which at first might sound really wishy-washy – are actually really interesting and useful, and help us cope with various situations.

When I actively listened to people instead of immediately leaping in with advice, I sat back and thought, “OK, what have you told me and what questions can I ask to draw more information out of you?” It’s about understanding that my colleagues probably already know the answer, they just need me to reflect it back to them in a way that makes them look at it differently.

Diversity in cyber security

In one session, the host had us work in teams with specific goals in mind. Ours was about making cyber security more diverse. So how do we get more women into the industry? What is it that puts them off? What could we do in the short term that could work in the long term to promote more women to come in? The truth is, it’s not just about cyber, it covers the other technical industries as well. But in this programme we focused on it with the cyber slant.

I personally think we do need to get more women into the industry. However, it’s about having the right people for the positions. That said, a lot of the industry job adverts are very dry, they’re very technical, they don’t lend themselves well towards feminine energy. They don’t take into account some of the other things that matter to us. This is a broad generalisation, of course, because not all women have good soft skills. Many men have good soft skills too. But soft skills are never really part of a cyber security job advert, which can put a lot of women off.

So for me it’s more about the diversity we have in the sector overall, rather than necessarily the diversity between men and women.

Alternative perspectives and viewpoints

What’s been really useful for me is having discussion points with the other women that are in the same industry but in different organisations such as banks or the police. It’s great to discuss how we would approach specific problems we face in our careers. It gives us all an alternative viewpoint, which is nice.

A group of people that are removed from the day-to-day problems within your company can give you a much more rounded perspective on things. They can look at things very objectively and say, “Well, if you thought of this, or perhaps you could do that.” It’s really useful to have that group that I can go to.

Strong community support

Our cohort has connected really well and for me one of the best things that has come out of the programme is that we’re all now part of a network of likeminded women who will support each other going forwards.

I’d recommend ‘Empowering Women to Lead Cyber Security’ for women who want to go into management, especially if they want to understand how to leverage the skills that they’ve got and really understand how it would work with lots of different people. I think it’s really useful to understand that there are many other people in your place as well. These struggles and questions aren’t unique to you – everybody goes through them.

Knowing that you’re not alone and that you know other people with similar issues can put your mind at ease. It’s also about building a community around each other to give us that support. I’m lucky I have a lot of support at Quorum Cyber, but not everybody does in their place of work.

Huge potential

Looking at the bigger picture, I believe women leaders can certainly contribute enormously to the cyber security industry in the UK, which is growing every year. I think women can humanise it a little bit more, make it a little bit more approachable and open, and perhaps remove some of the jargon.

Now’s a great time for more women to join the industry. However, personally, I think there are some blockers to bringing more in and perhaps some of it is to do with perception. So, how companies approach recruitment is very important. Quorum Cyber is really good at how we recruit. Our adverts are a lot more human, and make everyone feel good about the decision to apply for a job with us. They make you feel like you could actually make a difference here. And it’s true, we can.

Visit the Empowering You website if you would like to know more about the ‘Empowering Women to Lead Cyber Security’ programme.
You can read Kerry’s earlier blog, ’Making the world a safer place through cyber security’, in which she shares her journey at Quorum Cyber, on our careers’ website.