- New Levels, New Devils: The Multifaceted Extortion Tactics Keeping Ransomware Alive
- Elden Ring, 2022's Game of the Year, hits a record low price of $20 on Amazon for Black Friday
- This is the best car diagnostic tool I've ever used, and it's only $54 in this Black Friday deal
- This robot vacuum has a side-mounted handheld vacuum and is $380 off for Black Friday
- This 2 TB Samsung 990 Pro M.2 SSD is on sale for $160 this Black Friday
Know Yourself, Know your Enemy: Diversity means Security
Covid-19 has created a new urgency for cyber security solutions in Asia
By Nora Cao, Director of Cyber Security & Privacy Affairs, Public Affairs & Communications Department, Huawei Technologies Co., Ltd
The ideas of ancient philosophers around the world seem more relevant to our lives than ever. The ancient Greek philosophers over 2000 years ago such as Socrates talked about the idea of “knowing oneself.” This means we must know ourselves before we can understand other people. In Eastern philosophy, Lao Tzu in the Dao De Jing explained “Knowing others is intelligence, knowing yourself is true wisdom.” These philosophers were writing long before the digital age but if we fast-forward to today, the idea appears to be very relevant to cyber security.
We need to know ourselves and understand others. It is easiest to understand like-minded people because we know how each other thinks. This, in a nutshell is why we need diversity within the cyber security industry – because if we can only relate to similar people, we will fail to understand how other people behave. The statistics speak for themselves. According to a World Economic Forum report (October 2021 Report), women make up 51% of the population, but comprise only 24% of the global cyber security workforce which includes 8% of Asian descent, which is fractionally lower than the ICT industry average of 25% (see European Gender Institute Survey). There isn’t much data regarding diversity in the tech industry in APAC but in many companies the ratio is 80:20 male / female ratio.
In the Asia region, women account for only 10% of the cyber security workforce. This article examines some of the cyber security issues affecting women that have been exacerbated by COVID-19 and why we need more female cyber security professionals; the challenges affecting women entering the cyber security; and ways to encourage women to enter the industry.
COVID-19 related challenges
As acknowledged in a recent UN Women brief (UN Women 2020), women in Asia are used to considering personal and family security in their daily lives. Therefore, cyber security has become like an extension of this. In particular utilization of, and dependence on technology has increased due to COVID-19 with greater use of online platforms, social media including education and work. This means that these mediums are more important than ever before in terms of promoting gender equality. However, this also increases the risk in terms of gender-based abuse, misinformation and in some countries, religious radicalization.
One of the key takeaways from understanding COVID-19 has been that gender analysis can aid greater understanding of how to develop wider policy and practice across ICT and the cyber security sector. For example, in AI, 78% of people working in the industry are men which in turn affects how algorithms evolve and the resulting bias. In many countries across Asia, women may have less access including private and safe access to technology such as COVID-19 helplines. In addition there has also been a rise in weaponized used of telecommunications against women. This includes behavior such as stalking and monitoring women via smartphones in real time.
Institutional and Legal Barriers to Diversity
Considering the number of women in the cyber security field it may be unsurprising that the relevant cybersecurity frameworks fail to adequately consider the threats faced by women. Legislation has also failed to develop and support new challenges as those outlined above. For example, fewer than 40% of states in Asia have developed laws to protect individual data privacy. Given the rise in cyber threats to women, and the lack of protection in place, individual cyber attacks are disproportionately skewed against women.
On a global level, the situation is not much better. For example the UN Group of Governmental Experts on ICT UN General Assembly – August 2021 (see pp: 24-26) has an average of 20% of women on their committee which makes it difficult for their perspectives to be influential and change policy.
Addressing the challenges in APAC
Covid-19 has exacerbated the gender gap from many perspectives. On a global level it affects economic participation and opportunity, health and survival, and of particular relevance to this article, educational attainment. The World Economic Forum shows that the gender gap is 68.8% for East Asia and the Pacific which means a lag of 165.1 years; and 62.7% for South Asia which brings the gap to 195.4 years respectively. If this gap is to be reduced, the following challenges need to be taken seriously and addressed by governments, corporations and other non-government institutions.
In a fast digitalizing world, ICT’s role must be as an enabler for society. This means it must support the education of all sectors of society to ensure that it is fairly represented in the way it is governed and managed in areas such as cyber security. For this to happen, what are the areas that need to be addressed?
We often talk about the lack diversity within the workplace, but to address issues in the pipeline – namely skills and confidence. Secondary school is a time when gender distinctions in education typically start to appear and students are encouraged to specialize in certain subjects. This is also an age for building confidence in science, tech and mathematics so it is important to build skills at this age in order to create a solid foundation, enjoyment and passion.
In some regions, this work is successfully done and women continue to university. But graduation from university does not mean that women will continue into the workplace. For example, Wu Yadong, Dean of the Computer Science and Engineering School at the Sichuan University of Science and Engineering, People’s Republic of China recently noted “We have found that only some female STEM students actually enter the tech industry after graduation, making the gender gap in the tech industry even larger than what we see in our schools.” Suggested approaches include supporting women to move into the workplace by not only ensuring that they are supported addressing skill gaps but also provided with the mental support that might be needed to survive male-dominated tech work environments.
Engage women so that their use of technology and potential risks can be mitigated. Perhaps even more crucially, allow women to understand that their personal insights, experience and contributions to the industry can influence how a technology is used. Therefore, starting with access to the internet, girls and women must be supported to develop their digital literacy.
Whilst education is often left to governments, corporations must step up to support. For example, Huawei recently announced that it will donate CNY1 million worth of vocational skills exam vouchers to 2,000 female STEM students from hundreds of application-oriented undergraduate universities and secondary and higher vocational schools in China. But how far will this go and is this enough? What can companies be doing externally and internally to encourage the much needed diversity in cyber security to ensure healthy, sustainable development of the industry? In March 2021, the Huawei Women Developer’ (HWD) program was launched with the aim of empowering women developers to create applications and tools that can change the world. The program is intended to encourage more women to join in technological innovation by providing participants with more opportunities and platforms for career development and skill training. Any woman developer from around the world can register to join the program on the HUAWEI Developers official website.
Overall talent shortage in APAC
It is only be providing women with access to the education and training that they need to be fundamentally competitive in the digital economy that we will achieve the diversity needed to create true security. A report by Michael Page released in April 2021 (Cyber security hiring trends), identified a talent shortage in cyber security of 43%. This does not include skills shortages in existing roles. It is known that around 95% of businesses do not have adequate cyber security measures in place, therefore, the value of investing in, and supporting to women in develop the relevant skills for this growing sector will ensure that it has a sustainable, diverse future. So let’s protect the future of the cyber world with preparation by encouraging a range of people who “know themselves.”
About the Author
Nora Cao is Director of Cyber Security & Privacy Affairs, Public Affairs & Communications Department, Huawei Technologies Co., Ltd. She joined Huawei in 2011 and has worked in China, Kenya and Germany. She worked as Public Affairs Manager and later as a Director. In June 2021 Nora was appointed Director of Cyber Security and Privacy Affairs, Public Affairs and Communications Dept for Huawei Technologies in Shenzhen. She graduated from Beijing Institute of Fashion Technology where she received her bachelor’s degree in Polymer Material and Engineering.
Nora can be reached online at Nora.Caowenji@huawei.com and at our company website http://www.huawei.com/