IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

One third of cyber security pros report experiencing workplace harassment

Respect in Security has called on companies to make it easier and safer for employees to report harassment

A new initiative is working to shatter the misconception that reporting harassment in the workplace is disloyal to the company or the community, at a time when 47% cyber security professionals report experiencing bullying behaviour in the office.

Almost one in two cyber security employees have experienced harassment at work socials (48%) and in the office (47%), while more than a third said that it had occurred at industry events (36%), according to Respect in Security, an anti-bullying group made up of cyber security professionals.

Those who have actively reported harassment said that it was most often experienced on Twitter (44%), although more than one in three had also experienced it over email (37%).

Nikki Webb, one of the founders of Respect in Security, which officially launched on Thursday, told IT Pro that harassment is a multifaceted issue that can be difficult to quantify.

“Harassment does come in many different forms, be that online or in person, (...) verbal or nonverbal, and it can be direct communication with somebody or it can be done as deliberate action to exclude individuals.”

This includes deliberately not inviting a coworker to a company drinks outing, or excluding them from the office group chat. Whatever the scenario, Webb said that the actions all have one goal in common:

“They violate somebody's personal dignity, which can then create an intimidating or hostile working environment,” she said. “Everybody's perception of harassment is different. What I might perceive as something that's quite funny and jokey, you might take offence to that.

"I think if Respect in Security can do one thing, it's to make the perpetrators step back just for one minute and think: how do my actions affect somebody else? How might that make that person feel?”

Co-founder Marc Avery added that neither he nor Webb are “trying to define any code of conduct”.

“We're not trying to define what harassment is or it isn't. But it's very much to the point about how people are made to feel as a result of somebody else's actions, however they were intended,” he told IT Pro. “We're not here to be judge and jury. (...) We want to raise awareness and get people talking about it.”

Respect in Security found that, of 302 professionals surveyed, 16% said they wouldn’t report an instant of harassment, either by choosing not to (9%) or because of fear (7%).

In fact, the lack of discussion surrounding harassment in the cyber security sector means that the issue is likely just the tip of the iceberg. More than two in five (44%) of respondents said that they believe that reports of harassment in the industry are fairly accurate, while a quarter (25%) think they are under-represented.

The issue has been further magnified by the shift to remote working. With some offices remaining closed, while hospitality venues now reopened, it’s now easier than ever to exclude a colleague from a Friday afternoon pub outing.

“I think that's even worse now that we've been locked down,” Webb told IT Pro. “Imagine how they will feel on a Monday, with people chattering about [the meet-up] at the team meeting.”

Related Resource

Being a responsible firm in a throw-away society

Sample our exclusive Business Briefing content

Business man with a suit made of trees - The Business Briefing from IT ProDownload now

Respect in Security is calling on companies to take a stand against such incidents by signing the anti-harassment pledge. By signing it, employers agree to not tolerate, condone, or ignore any form of harassment; ensure that employees are not asked to operate in unsafe environments; as well as protect the anonymity of those reporting suspected violations.

Moreover, the company agrees to empower its staff to come forward with reports without fear of retaliation, and regularly educate them about what constitutes harassment and why it’s never acceptable, while also continually maintaining and actively reviewing their reporting mechanisms.

This could be a helpful step for many other organisations across the tech sector, with Google Cloud recently coming under fire for allegedly telling an employee to take mental health leave when they disclosed an incident of racial discrimination.

While 82% of surveyed cyber security professionals said their organisation has an anti-harassment policy and complaints procedure, nearly half (45%) said that their employer should do more to ensure all employees understand what constitutes harassment and what acceptable behaviour looks like.

Webb argued the cyber security industry needs to do more to be a safe and welcoming space for new members, especially the new generation of young professionals:

“I absolutely love the cyber security industry,” she told IT Pro. “I think that's probably one of my drives behind getting involved in this.”

Featured Resources

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

The Total Economic Impact™ of IBM robotic process automation

Cost savings and business benefits enabled by robotic process automation

Free Download

Multi-cloud data integration for data leaders

A holistic data-fabric approach to multi-cloud integration

Free Download

MLOps and trustworthy AI for data leaders

A data fabric approach to MLOps and trustworthy AI

Free Download

Most Popular

The top 12 password-cracking techniques used by hackers

The top 12 password-cracking techniques used by hackers

14 Nov 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

15 Nov 2022
Interpol arrests nearly 1,000 cyber criminals in months-long anti-fraud operation
cyber crime

Interpol arrests nearly 1,000 cyber criminals in months-long anti-fraud operation

25 Nov 2022