One third of cyber security pros report experiencing workplace harassment
Respect in Security has called on companies to make it easier and safer for employees to report harassment
A new initiative is working to shatter the misconception that reporting harassment in the workplace is disloyal to the company or the community, at a time when 47% cyber security professionals report experiencing bullying behaviour in the office.
Almost one in two cyber security employees have experienced harassment at work socials (48%) and in the office (47%), while more than a third said that it had occurred at industry events (36%), according to Respect in Security, an anti-bullying group made up of cyber security professionals.
Those who have actively reported harassment said that it was most often experienced on Twitter (44%), although more than one in three had also experienced it over email (37%).
Nikki Webb, one of the founders of Respect in Security, which officially launched on Thursday, told IT Pro that harassment is a multifaceted issue that can be difficult to quantify.
“Harassment does come in many different forms, be that online or in person, (...) verbal or nonverbal, and it can be direct communication with somebody or it can be done as deliberate action to exclude individuals.”
This includes deliberately not inviting a coworker to a company drinks outing, or excluding them from the office group chat. Whatever the scenario, Webb said that the actions all have one goal in common:
“They violate somebody's personal dignity, which can then create an intimidating or hostile working environment,” she said. “Everybody's perception of harassment is different. What I might perceive as something that's quite funny and jokey, you might take offence to that.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"I think if Respect in Security can do one thing, it's to make the perpetrators step back just for one minute and think: how do my actions affect somebody else? How might that make that person feel?”
Co-founder Marc Avery added that neither he nor Webb are “trying to define any code of conduct”.
“We're not trying to define what harassment is or it isn't. But it's very much to the point about how people are made to feel as a result of somebody else's actions, however they were intended,” he told IT Pro. “We're not here to be judge and jury. (...) We want to raise awareness and get people talking about it.”
Respect in Security found that, of 302 professionals surveyed, 16% said they wouldn’t report an instant of harassment, either by choosing not to (9%) or because of fear (7%).
In fact, the lack of discussion surrounding harassment in the cyber security sector means that the issue is likely just the tip of the iceberg. More than two in five (44%) of respondents said that they believe that reports of harassment in the industry are fairly accurate, while a quarter (25%) think they are under-represented.
The issue has been further magnified by the shift to remote working. With some offices remaining closed, while hospitality venues now reopened, it’s now easier than ever to exclude a colleague from a Friday afternoon pub outing.
“I think that's even worse now that we've been locked down,” Webb told IT Pro. “Imagine how they will feel on a Monday, with people chattering about [the meet-up] at the team meeting.”
Being a responsible firm in a throw-away society
Sample our exclusive Business Briefing content
Respect in Security is calling on companies to take a stand against such incidents by signing the anti-harassment pledge. By signing it, employers agree to not tolerate, condone, or ignore any form of harassment; ensure that employees are not asked to operate in unsafe environments; as well as protect the anonymity of those reporting suspected violations.
Moreover, the company agrees to empower its staff to come forward with reports without fear of retaliation, and regularly educate them about what constitutes harassment and why it’s never acceptable, while also continually maintaining and actively reviewing their reporting mechanisms.
This could be a helpful step for many other organisations across the tech sector, with Google Cloud recently coming under fire for allegedly telling an employee to take mental health leave when they disclosed an incident of racial discrimination.
While 82% of surveyed cyber security professionals said their organisation has an anti-harassment policy and complaints procedure, nearly half (45%) said that their employer should do more to ensure all employees understand what constitutes harassment and what acceptable behaviour looks like.
Webb argued the cyber security industry needs to do more to be a safe and welcoming space for new members, especially the new generation of young professionals:
“I absolutely love the cyber security industry,” she told IT Pro. “I think that's probably one of my drives behind getting involved in this.”
Having only graduated from City University in 2019, Sabina has already demonstrated her abilities as a keen writer and effective journalist. Currently a content writer for Drapers, Sabina spent a number of years writing for ITPro, specialising in networking and telecommunications, as well as charting the efforts of technology companies to improve their inclusion and diversity strategies, a topic close to her heart.
Sabina has also held a number of editorial roles at Harper's Bazaar, Cube Collective, and HighClouds.