Critical National Infrastructure: How secure is your country?


Nurturing Diversity and Inclusion in Cybersecurity

Maggie C2Risk
Risk Management

Nurturing Diversity and Inclusion in Cybersecurity

Insights from C2’s Advisory Board Member Maggie Titmuss MBE

When you look at the IT and tech industries, you can’t help but notice a lack of diversity. Even though we’ve seen more people from diverse backgrounds joining the field in recent years, they’re still not well-represented in the cybersecurity sector.

As innovation and technology marches forward at a rapid rate, it’s unfortunate that this progress doesn’t always extend to the dynamics within the organisations. It’s a fact that diverse teams tend to be 25% more likely to achieve above-average profitability. So, what can we do to change this?  

We recently sat down for a chat with Maggie Titmuss MBE, a member of C2’s advisory board, an advisor to various organisations, and who has mentored through Women in Banking & Finance, Mind the Gap, and Empowering Women to Lead in Cyber Security.

Maggie’s journey into cybersecurity didn’t exactly follow the traditional path, and it sheds light on the importance of varied perspectives in this ever-evolving field and the steps the industry needs to take to increase diversity in the field. 

What does change in the cybersecurity industry look like, and how can it happen at a quicker rate?

Change in the cybersecurity industry is a necessity, and we need to provide the impetus and the culture for change. I have the privilege of chairing the National Cyber Resilience Advisory Board for the Scottish Government, which allows me to work closely with agencies in Scotland. Our mission is to stoke interest in STEM fields, particularly cybersecurity, among primary and secondary school students. This goal, and one in which many organisations should embrace, is the need to educate young minds about the fantastic career opportunities and get them excited about pursuing careers in cybersecurity.

How can we make cyber security more attractive to a diverse audience?

We’ve got to challenge the current perception of cybersecurity as a somewhat mysterious, male-dominated domain. It’s crucial to shine a light on transferable skills, like leadership and problem-solving, and convey the message that you don’t need to be a coding whiz to thrive in cybersecurity. 

By dispelling these stereotypes and showcasing the variety of roles in the field and how they’re not pigeon holed by personality types, genders etc, we can make cybersecurity more attractive to a broader audience.

What are the barriers to promoting neurodiversity, and how can we overcome them?

The barriers largely come from the fear of the unknown. Many organisations hesitate to put in place necessary accommodations due to concerns about increased complexity and workload.

To break this down, we need to educate businesses about the benefits of neurodiversity and the adjustments required to create an inclusive environment. This kind of education is absolutely crucial for fostering diversity.

Did you know that 15-20% of the UK’s population is neurodivergent? That’s a vast talent pool that businesses aren’t tapping into. The skills gap is a real issue, not just in the UK, and we need to tackle it from various angles. Achieving global diversity requires a change in mindset and a rock-solid commitment to inclusion. We should share successful neurodiversity training programmes and promote awareness of their advantages to encourage broader adoption.

What role does mentorship and sponsorship play in promoting diversity in cybersecurity, and how can individuals contribute to these efforts?

Mentorship and sponsorship are the cornerstones of empowering women and diverse individuals in the cybersecurity field. Creating a space for people to discuss their challenges and support each other is key. 

Additionally, paying it forward by helping others is a significant part of fostering diversity in the industry. It’s all about building a tight-knit community that uplifts and encourages one another.

How can organisations promote diversity in hiring and leadership roles, and what strategies are effective?

Effective strategies include making diversity a priority in the hiring process, especially at senior levels. One successful approach is insisting on interviewing a diverse pool of candidates. But it’s crucial to steer clear of tokenism and focus on selecting the best candidates based on qualifications and skills, regardless of their gender or background. This ensures that diversity efforts aren’t just a checkbox to tick but a genuine commitment to inclusivity.

What are the challenges that women in technology face in terms of work-life balance, and how can they navigate this?

One of the most significant challenges in the tech industry, and many other sectors, is striking a balance between a career and family life. Women often find themselves in a tough spot. We need to offer support to those trying to manage both.

Take, for instance, my experience judging the Scottish Women in Technology awards, where I met incredible young women excelling in tech. They’ve shown that having a family and a career can go hand in hand. The challenge is in making it visible and ensuring that both aspects can coexist. Sometimes, it’s about acknowledging that you may not excel at both roles all the time and working somewhere that understands, supports, and respects this.

How can we help people transition into the workforce and reintegrate those who have been absent, such as veterans or individuals coming out of prison?

Supporting people as they re-enter the workforce is crucial, no matter where they’re coming from. Let’s take, for example, our efforts to assist veterans and their spouses in preparing for life after the military. Providing qualifications, like a six-week pen testing course/qualification can help them integrate into the private sector. It might not be a perfect fit, but it gets them into the workforce. 

The bigger picture is to show that opportunities are open to everyone, no matter their history, and to help them in any way we can to enter the workforce.

Initiatives such as the Armed Force Covenant which C2 is proud to support, is a great example of how businesses can commit to change and ensure inclusion.

C2’s Advisory Board:

Okay, let’s shift focus to C2 and its advisory board. What role does the advisory board here play, and how does it benefit C2?

C2’s advisory board is all about shaping the company’s strategic direction and growth. With their diverse backgrounds spanning law enforcement, finance, and more, board members offer unique perspectives that help C2 steer clear of groupthink and drive innovation. They play a pivotal role in shaping recruitment strategies and retention methods, making the company more appealing to a diverse workforce.

Can you share specific contributions you and the advisory board bring to C2?

We focus on recruitment strategies to ensure diversity and retention approaches that keep employees engaged. Our collective experience and insight add significant value to the company’s decision-making process. We help shape the working environment for C2’s employees.

In cybersecurity, embracing diversity isn’t just a value—it’s a strategic advantage. Studies have shown that companies with ethnically and culturally diverse boards are 43% more likely to experience higher profits. This statistic underscores the importance of having diverse perspectives on advisory boards, not just as a matter of inclusivity, but as a smart business decision that can positively impact the bottom line.

Maggie’s commitment to empowering women in tech and her role on C2’s advisory board showcases the transformative power of diverse leadership in an industry that thrives on innovation, collaboration, and adaptability. In cybersecurity, as in life, embracing diversity isn’t just a value—it’s a strategic advantage.

About C2

C2 is a UK risk management scaleup on a mission to help businesses survive and thrive in the digital economy. C2 helps organisations manage security and compliance in a way that’s unique to their business and that does more than simply ticking off digital checkboxes. C2’s industry-leading platform supports the public and private sectors in managing their threat landscape and improving vendor controls, project, privacy, and ESG risks.