Around a third of cybersecurity professionals have personal experience of facing harassment and abuse either online or in person – and a new initiative is aiming to provide support to victims while also encouraging action to help stop bullying and abuse across the industry.
Set up with the aim of taking stand against all forms of harassment in the cybersecurity industry, Respect In Security is encouraging organisations to formally pledge their commitment to creating a workplace and professional community free from harassment and fear.
Research by Sapio Research on behalf of Respect In Security found 32 percent of 302 cybersecurity professionals surveyed have experienced harassment online via email, LinkedIn, Twitter or other social media platforms, while 35 percent have experienced it in person at industry events, the office or work socials.
"As an industry we spend a lot of time online and probably a lot more so than other industries… so I think in that respect we are quite unique in that we are more exposed to some of the online stuff," said one of the co-founders of Respect In Security, Lisa Forte, partner at Red Goat Cyber Security.
In an interview with ZDNet Security Update, Forte said she has been sent unsolicited explicit videos, had fake profiles set up using her name, and been threatened via messages on social media.
Respect In Security's research revealed that male, female and non-binary people have all faced abuse.
"This is a broad industry wide issue. It affects men and women, affects people of all sexual orientations, affects people of all skin colours," Rik Ferguson, VP of security research at Trend Micro and a co-founder of Respect In Security told ZDNet Security Update.
"We are here to make a stand for a fair and for a more respectful industry and if we ever hope to professionalize cybersecurity, which is where we need to go, this is job zero on the list to get done," he said.
"I think people will walk away from [the industry], and I think a lot of people might be put off, you know, deterred from entering it," Ferguson added.
Respect In Security is encouraging organisations in the information security industry, as well as other organisations with cybersecurity teams to sign its pledge and help to build a more tolerant and respectful industry.
The pledge not only represents a commitment from companies to build a respectful environment, but also a promise to publish a grievance policy externally, so in the event of harassment taking place, there are systems in place that mean it can be reported.
"Like a vulnerability claim procedure if you think you've discovered a vulnerability in someone's product, there's a process to go through that those companies will publish; here's how you contact us, here's how we're going to deal with it, here's what you can expect - we want to see that with regards to harassment and abuse as well," said Ferguson. You can watch the full interview here.
MORE ON CYBERSECURITY
- Why improving diversity in cybersecurity is vital for everyone
- Instagram debuts new tool to stop abusive message salvos made through new accounts
- Transgender employees in tech: Why this "progressive" industry has more work to do to achieve true gender inclusivity
- Web creator Berners-Lee: Here's why the web is failing women and girls
- Protecting women in the cloud: eSafety hopes the Online Safety Act will do just that