UK critical national infrastructure (CNI) organisations are facing a dearth of diverse cyber security talent, with a disproportionate amount of women afraid their jobs may be on the line when compared with men, according to new research by leading cyber security services firm, Bridewell.
The research found that 63% of female security leaders across the UK’s critical national infrastructure (CNI) have feared losing their job due to a cyber attack within the past month alone, compared to only 38% of their male counterparts. This makes them two-thirds more likely* to feel exposed to potential job loss than men.
In addition, almost a third (32%) of women say they are likely to leave their current cyber security role in the next 12 months due to experiencing stress and burnout which is impacting their personal life, amidst increasing cyber threats against critical infrastructure.
“Whilst we have seen an increase in the number of women in CNI security roles in recent years, they are still underrepresented in the industry. Efforts are being made to increase the support these women receive, however there remains scope for improvement,” said Grace Perry, Client Lead and Content Lead of the Bridewell Women’s Network. “CNI organisations must recognise how their working patterns, performance benchmarks and career development paths may bias towards men, leaving female professionals without the necessary support to thrive in their roles.”
The trend threatens to worsen the existing cyber security skills gap within CNI, which has widened by 64% in a year. Over a third (36%) of the CNI organisations surveyed by Bridewell, spanning transport and aviation, finance, utilities, government, and communications sectors, now admit they do not have the right skills in place to secure their IT infrastructure, compared to only 22% in 2022. Almost half (42%) of companies also lack skills to safeguard their operational technology (OT), heightening cyber risk to critical physical processes like power plants, water treatment, and transportation systems.
Bridewell’s findings coincide with the release of a government report revealing only 17% of the UK cyber workforce are female – a lower proportion than for all other digital sectors and a slight decrease on last year’s figures. Women also remain significantly underrepresented in senior cyber roles, occupying just 14% of these positions. The persistent gender disparity raises further concerns about burnout and a lack of sufficient professional support systems for women in the industry.
However, there is hope on the horizon as CNI organisations proactively seek diverse cyber talent with transferable skillsets. Bridewell found that almost half (40%) are encouraging informal networking among minority groups and introducing flexible working schemes, aiming to nurture cyber diversity through stronger connections and improved work-life balance opportunities. Over a third (38%) also combat gender bias by ensuring all job descriptions are written in neutral language.
Emma Leith, Director of Consulting at Bridewell, adds: “Failing to fix the cyber security diversity problem will further widen the skills gap, escalating the risk to UK critical infrastructure. CNI organisations must now take bold action to bridge the gap and embrace more diverse experiences and perspectives. This calls for a resolute, long-lasting commitment to breaking down traditional barriers and promoting organic culture change, driven by passionate individuals from the top down. Diversity, equality and inclusion (DE&I) must be at the core of their cyber strategies, with a focus on recruiting and retaining women and other underrepresented groups.”