Lancaster University Management School - 54 Degrees Issue 26

middle-management positions. While navigating barriers, knowing no-one who had overcome them previously had a significant impact. In a sense, there is a ceiling that they cannot get through. MORE PERSPECTIVES Study participants described cyber security as a problem-solving domain that can benefit from diversity. It was particularly stated that with gender diversity there is a move towards more effective risk management: “… if there is only a siloed group of people, all straight, white, 50-year-old men, for example, making decisions, it’s likely that you’re not going to capture all of the things you need to capture [that you would] if there were other people in that room”. Having a diverse workforce means looking at threats and vulnerabilities from different perspectives, enables varied solutions and different viewpoints on dealing with cyber security challenges. The “Human Factor” is considered the weakest link in cyber security, as most breaches come from human error. The study shows that women are carving out a niche in human-centred cyber security and people centric cyber security where they are making social impact at family, community, organisational and societal levels. Therefore, increasing diversity can lead to increased security as human factors would be addressed at a larger scale. Our data shows women instinctively gravitate toward managing the Human Factor, so their under-representation across the sector is not just an equity issue, it is a strategic business risk. Further, something that particularly stood out was the agency exhibited by the study participants to connect with other women in the sector through local community initiatives, coaching and mentoring junior female staff, and initiating and taking part in awareness campaigns and school visits to increase number of female students in cyber security programmes. A cyber security business founder who also initiated a local community group noted: ‘The [community group] is a labour of love. My business is food for the table but [the community] is food for my soul… It enables me to communicate and get the people in the room that need to be talking to each other, to solve problems and break isolation’. WHAT NEEDS TO CHANGE? Organisational Promotion of Female Role Models: Role models are one of the most effective ways to enhance diversity in the profession. However, when it comes to who is taking on that responsibility, we found that it is women inserting themselves as role models, doing a lot of self-promotion and emotional labour and carrying most of the responsibility to widen participation. Evidently missing from taking a greater role are organisations. In fact, what we found was that the lack of organisational support is a significant barrier. There needs to be a shared responsibility when it comes to making role models visible. Organisations can contribute by promoting their female professionals on company communications channels such as websites, magazines and social media. Diversify Pathways into Cyber security: A traditional path into cyber security is through a relevant degree, e.g. computer science. Our study participants noted that another pathway enabling women without a traditional background, but with transferable skills, to succeed should be promoted. Several of our participants had degrees in physics, law, or media etc. Although they noted barriers such as being told they did not have a relevant degree, they managed to occupy senior roles and attributed that to transferable skills. This pathway allows women to convert from another career into cyber security, leveraging their transferable skills. Inclusive Recruitment Practices: Current job adverts were described as inaccessible for women due to how duties are framed, ultimately discouraging women to apply. There needs to be a change from presenting roles in an overly technical manner to emphasis on skills needed. Our participants referred to scenarios where jobs that were not technical were presented in overly technical terms. Making jobs more accessible would encourage more women to apply. FIFTY FOUR DEGREES | 33 Dr Boineelo Nthubu is a Lecturer in Business Management at York St John University, London Campus. She received her PhD from Lancaster University, and holds a Researcher position in the Department of Management Science. Her research interests are responsible AI, cybersecurity, inclusivity and diversity, and recently digital health and wellbeing. The paper Exploring Meaningful Work as a Lever for Promoting Gender Diversity in the Responsible Cybersecurity Profession, featuring initial findings from their project, was presented at the UK Academy for Information Systems (UKAIS) 2026: Make the World a Better Place: The Future of Intelligent Technology conference. Findings from the project were shared in an article in ITNow, the quarterly BCS member magazine, June 2026: Gender Diversity in Cybersecurity. The study was supported by a UKAIS 2025 research grant award. n.panteli1@lancaster.ac.uk; b.nthubu@yorksj.ac.uk Niki Panteli is a Professor of Digital Business in the Department of Management Science at Lancaster University Management School. Her research interests cover digital transformation, digital platforms, cybersecurity leadership, algorithmic management, hybrid work and online collaboration and gender dynamics in IT professions.

RkJQdWJsaXNoZXIy NTI5NzM=