Fifth of UK security pros discriminated against in 2021

The NCSC’s and KPMG’s Diversity and inclusion in cyber security report studied the obstacles faced by cyber security professionals

A photo of an encyclopaedia definition of the word "discrimination"

Over a fifth (22%) of cyber security industry professionals have experienced discrimination in the last year, according to new findings published by the National Cyber Security Centre (NCSC) and KPMG UK.

This is up from one in six (16%) in 2020, with respondents experiencing career barriers as a result of one of their characteristics has risen significantly, from 14% last year to 25% in 2021.

The NCSC’s and KPMG’s Diversity and inclusion in cyber security report studied the obstacles faced by cyber security professionals across a range of characteristics – including ethnicity, gender, sexual orientation, neurodivergence, and disabilities.

The report found that, although the cyber security industry is in many areas more diverse than the overall UK population, not everyone feels as if they can freely be themselves in the workplace.

For instance, 37% of surveyed individuals with a disability were uncomfortable disclosing their disability at work, due to fears of discrimination. The report also found that, although gay and lesbian respondents were one of the groups most confident in themselves, with 89% being comfortable disclosing their sexual orientation in the workplace in 2020, this had fallen to 76% in 2021. Bisexual respondents experienced an even steeper fall in confidence, with only 47% being comfortable with disclosing their identity at work – down from 77% in the previous year. By contrast, 91% of heterosexuals are comfortable disclosing their sexual orientation at work.

Based on the report’s findings, the NCSC drafted recommendations for the cyber security industry that would help drive progressive change. This includes taking an active role in leading on diversity and inclusion, leveraging the sector’s expertise in data to better understand how diversity and inclusion can be embedded across the talent lifecycle, and creating accessible and clear job descriptions and adverts for cyber roles.

The UK Cyber Security Council’s CEO Simon Hepburn said that the body “warmly welcome[s] and applaud[s] this second annual report by NCSC and KPMG”, which he described as “solidly researched”.

“It’s vital not just to help the sector fill the tens of thousands of vacancies that exist, but for the sector and the UK to benefit from the wider range of abilities, improved creativity, different thinking, and alternative contributions of a truly diverse, inclusive cyber security workforce. The Council and the NCSC are in lockstep over the D&I [diversity and inclusion] objectives for the sector and, to that end, we also welcome and agree with the conclusions of the report,” he stated.

Related Resource

The truth about cyber security training

Stop ticking boxes. Start delivering real change.

Pair of feet in socks with a chair and plant in the backgroundFree download

However, Hepburn noted that the recommendations made by the report don’t address how the industry can achieve them, adding that “programmes will need to be devised and executed”.

“The Council will therefore play its full role in devising, driving, and supporting D&I programmes, through the Council membership which we are at the start of building. I encourage cyber-related organisations that want to lead the way in D&I, and which want to show the sector that they're leading the way, to join us without delay. There is much to do,” he said.

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now

Recommended

Russia's "politically motivated" REvil raid could be used as leverage, experts warn
ransomware

Russia's "politically motivated" REvil raid could be used as leverage, experts warn

17 Jan 2022
Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp
phishing

Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp

21 Dec 2021
Five things to consider before choosing an MFA solution
Security

Five things to consider before choosing an MFA solution

17 Dec 2021
Australia and US sign CLOUD Act data-sharing deal to support criminal investigations
cyber crime

Australia and US sign CLOUD Act data-sharing deal to support criminal investigations

16 Dec 2021

Most Popular

Sony pulls out of MWC 2022
Business operations

Sony pulls out of MWC 2022

14 Jan 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
Dell XPS 15 (2021) review: The best just got better
Laptops

Dell XPS 15 (2021) review: The best just got better

14 Jan 2022