PGI, in collaboration with project management partner Development Alternatives Incorporated (DAI), recently completed a study under the USAID and International Telecommunication Union (ITU) initiative aimed at promoting gender equity and inclusion in cybersecurity across Asia and the Pacific.
The study explored the cybersecurity workforce and environment, including the participation of women, in five Southeast Asian countries—Cambodia, Indonesia, Laos, Mongolia, and Thailand. It identifies opportunities and challenges and proposes recommendations to inform future capacity-building strategies and principles.
PGI was able to draw on past experience in assessing and facilitating national and regional level cybersecurity workforce development and Women in Cybersecurity (WiC) initiatives and past experience developing cybersecurity workforces in Southeast Asia to ensure the study was informed by leading practice around the world.
What is holding women back?
Despite the growing demand for cybersecurity professionals, the research highlights that participation of women in cybersecurity roles across Southeast Asia is low, estimated between 5% to 25%. While there has been gradual improvement the study found that there are still several deep-rooted barriers hindering more significant progress. Societal expectations often pressure women to leave the workforce for family responsibilities, and they are less likely to be prioritised for higher education. These persistent gender stereotypes contribute to the belief that women are not suited for technical fields like cybersecurity. Discrimination and isolation are common, especially in educational settings where women are often in the minority.
Even when women do enter cybersecurity roles, they face additional hurdles when it comes to advancement, with stereotypes about leadership and technical capabilities limiting their promotion and leadership opportunities. This results in a lack of visible female role models, further exacerbating the issue of women not having the confidence to even consider this career path. Compounding these challenges is the limited availability of female-focused education and training initiatives.
Breaking new ground
Despite these challenges, the research identified several opportunities to enhance female participation in Southeast Asia’s cybersecurity sector. A key opportunity lies in fully utilising the labour market to meet the region’s diverse cybersecurity needs. By increasing women’s participation in cybersecurity education, training, and careers, countries in the region can build the necessary capabilities at the volume and depth required to effectively respond to evolving cybersecurity threats.
This more diverse workforce makeup is likely to develop more effective cybersecurity solutions by incorporating a better understanding of women’s and girls' digital experiences and behaviours.
Another significant opportunity is to empower and promote women in cybersecurity roles as role models, inspiring future generations of girls and women to pursue careers in this field and to take their digital security seriously. National and regional level WiC Fellowships provide examples of how this might be realised through highlighting the achievements of women in cybersecurity, providing visible and publicly celebrated role models and fellowship cohorts that can work together to promote the role of women in their field.
Blueprint for change
In response to these findings, the study offers key recommendations for future capacity building programs in the five countries and the wider region. One primary recommendation is to adopt an ecosystem approach when designing capacity building programmes and interventions, taking into account the national ecosystem—made up of eight identified interconnected elements (Fig. 1).
The report also advocates for co-designing interventions that foster sustainable, locally-led change, pursuing public-private partnerships, balancing short-term and long-term intervention strategies and working with the broader development community in addressing systemic barriers to women’s participation in the workforce.
As the digital landscape continues to evolve, including and empowering women in cybersecurity will be essential to ensuring Southeast Asia remains resilient in the face of emerging threats.
To explore the findings in greater detail, we invite you to read the full report. If you'd like to discuss the insights and recommendations further, please don't hesitate to get in touch with us.
Insights
Trust & Safety: A look ahead to 2025
Working within the Trust and Safety industry, 2024 has been PGI’s busiest year to date, both in our work with clients and our participation in key conversations, particularly around the future of regulation, the human-AI interface, and child safety.
Lies, damned lies, and AI - Digital Threat Digest
At their core, artificial systems are a series of relationships between intelligence, truth, and decision making.
A pointless digital jigsaw - Digital Threat Digest
Feeding the name of a new criminal to the online OSINT community is like waving a red rag to a bull. There’s an immediate scramble to be the first to find every piece of information out there on the target, and present it back in a nice network graph (bonus points if you’re using your own network graph product and the whole thing is a thinly veiled advert for why your Ghunt code wrap with its purple-backlit-round-edged-dynamic-element CSS is better than everyone else’s).