Unfortunately, only 10-25 per cent of girls within their target group start studying IT and cybersecurity (see Informatics Europe Higher Education Data portal for more details). The same applies to other areas related to technology and engineering. The overabundance of male employees and specialists in these sectors can have an impact on the real world as well.
To be able to work in the IT field, you need three pillars: technical knowledge, people and organisation. Usually, being accepted in the field goes through the technical pipe first – if you are good at tech, then you can exceed in also approach the people and organisation-level positions. This has led to the situation where only those that have technical interest and skills in the area will get to work in the IT field. At the same time, technical skills can be easily developed, especially with an early start.
Birgy Lorenz, Senior Scientist at the Tallinn University of Technology, introduces the study “Role models”, in which they wanted to investigate female role models in cybersecurity and other IT sectors who have not been particularly visible to the public: what was their journey inside the IT industry, and how have they succeeded? The developed material was meant for 7-to-12-year-old students and their teachers, as well as parents that were both analytical and educational. The goal of the project was to learn about the good, the bad and the ugly of top level role models and specialists in the field of IT to help shape the career path of the young girls that are still in schools today.
A collection of 57 stories and interviews of women ranging from October to November 2021 was published, and it explores their backgrounds, their careers - how they became specialists or leaders in the area, what they are inspired by, which downsides they have overcome in their path, etc. There were three young talents under 18 years of age, 16 on the specialist level, 15 senior level specialists, and 23 on the leader/managers positions. We also showed the materials to young Estonian male hackers, who stated that this is the material they would have wanted to read when they first started their journey.
From the Role models study, half of the respondents (28 out of 57) had their first contact with the field of cyber security at work, but 28.3 per cent of them came across the topic at university (mostly at the bachelor's level) and 13.6 per cent got an idea about it already in high school. This shows that in the interviewed pool there are various levels of people – some are still under 30 and others are older. On a basic school level, 84.1 per cent mention having open thematic extracurricular lessons in schools on IT subjects; 79.5 per cent provide electives of IT subjects; 77.3 per cent mention tours to IT companies that are part of practical lessons in IT subjects; 73 per cent include external speakers to the lessons. This would give the possibility to invite more women as speakers in the field onsite, as well as promoting IT and cybersecurity programs for a vocational school or university level. The interviewees point out that self-study courses and one-off seminars are less likely to help to make a difference or change the attitude toward the IT field. The interviewed role models feel that a special cyber defense course offered to everyone in high school would not be particularly helpful if made mandatory.
It is important to start thinking about future work and career development at a young age. But career planning is just as important at every stage of life when we take inventory of what has been done and how to proceed in our working life. The development of technology inevitably leads to substantial changes in the job market, as well as changes in job tasks and responsibilities, especially for those professions with evolving needs over coming years. A more extensive use of technology allows routine tasks to be delegated, automation and digitalisation reduce the need for and dependence on labour. It is estimated that half of all jobs will be lost over time due to automation, while new roles and careers will be created. Most of the new job opportunities will be technology-based but will require people and organisational competences as well.
There is not a single reason why women - or men - should be left out of the IT and cybersecurity jobs that are currently available or will be created in the future, and the competitive salaries that come with it. Working in this field should have equal access opportunities for everyone, regardless of gender, and the work carried out should equally consider and address the needs of everyone, regardless of their gender. If a certain field is only managed by an overwhelming majority of a certain group of people, then the result of this work will inevitably only reflect the perspective of such homogeneous group.
There must be more representation of people from different backgrounds and experiences in cybersecurity and IT, which will give the industry a more multi-layered view and, in the end, an advantage. Please note that the full paper was presented at ICEM 2022 on 12-14 October in Portugal.
Find more information about the work of the Estonian Safer Internet Centre, including its awareness raising, helpline, hotline and youth participation services – or find similar information for Safer Internet Centres throughout Europe.