Bulletproof’s range of cyber security, data protection and compliance services are your best defence against threats to your business. With nearly a decade of providing trusted security services, we’re continuing our mission of solving the greatest cyber security & compliance challenges through innovation and simplicity. Explore our range of services and find out how Bulletproof can help your business.
Helping people solve their security challenges is what we do, so we’re always keen to hear from you.
Discover CREST penetration testing & continuous security
Internal & external infrastructure, network & system testing
Manage multiple tests & get external security assurance
Thoroughly assess your web apps & APIs for security flaws
Test your response to a simulated real-world cyber attack
All cloud platforms & services tested, including Azure & AWS
Test your human cyber defences with social engineering
Android, iOS & custom mobile application security testing
Find out more about penetration testing – what it is, when you need it, and why it’s a core component of any business. Discover how pen test helps with compliance, powers best practices, and helps your organisation win new business.
Gap analysis, implementation, audits & more from GDPR experts
On-going support to easily manage your data protection obligations
Consultant-led support to meet all levels of DSPT submission
Flexible & engaging data protection training from certified experts
Get peace of mind that your data protection is being managed by trusted, certified consultants. All Bulletproof data protection services are delivered by our highly trained, experienced and qualified staff.
Gap analysis, implementation, audits & more from dedicated ISO consultants
Find the next step in your strategy with this consultant-led assessment
Get quick & easy CE certification with a range of feature-packed packages
Flexible access to top-tier information security strategy & management
Experienced SOC 2 consultants, AICA audits & compliance automation platform
On-site, remote and video-based security training to boost your resilience
Affordable expertise & support to help you meet & maintain PCI DSS compliance
Go beyond compliance with information security services that are designed to give real operational benefits to your business. All delivered by seasoned, certified Bulletproof security consultants.
24/7 defence against cyber attacks with proactive threat detection
Get help responding & recovering from cyber incidents
Detect, analyse and stop cyber attacks with real-time prevention
Forensic support & data recovery following cyber attacks
Stay on top of new vulnerabilities with powerful, flexible scanning
Evaluate your wireless network for security weaknesses
Discover how your business can identify & manage cyber threats
Comply with regulations, meet certification standards & best practices
Train and test your staff for security resilience, data protection & compliance
No matter what your cyber or compliance challenges, Bulletproof is here to help. We like to work with you as a trusted partner to solve problems, not sell services. No pressure tactics and no false promises.
Learn about our mission to make cyber & compliance accessible to all
Grow your business with high-margin, high-value & partner-ready services
Become part of the Bulletproof team & supercharge your career
Bulletproof’s in-house SOC powers our Managed SIEM & MDR services
We love to talk. Tell us about your cyber & compliance challenges
At Bulletproof we love to solve problems with simplicity & innovation. It’s our mission to make compliance & cyber security services accessible to all. We take pride in building and nurturing teams of exceptional talent, so we’re confident that our cyber security & compliance services are the best way to stay one step ahead of the hackers and protect your business.
Helping people solve their security challenges is what we do, so we’re always keen to hear from you, no matter what you have to say.
Get the latest news, views & expert insight in the world of cyber security, data protection & compliance
A helpful index of cyber security terms, compliance acronyms and industry terminology to make life easy
Discover what we have to say about the threat landscape & what businesses need to know to get ahead
Find out how we can make companies like yours Bulletproof. Don’t take our word for it, hear direct from our clients
Detailed insights & helpful tips for understanding penetration testing, data protection & more
Interesting data & top tips at a glance, with insightful infographics covering all areas of cyber security & compliance
Watch our experts talk through their thoughts & opinions on a variety of security & compliance topics
See when & where we’re going to be bringing Bulletproof insight to an event near you
Ayisha Bari
Find out what ransomware is, how attacks work & types of attack to help you get started with keeping ransomware out of your business.
Read More
In an age pushing for diversity, is it fair to say cyber security is still an industry dominated by men? A quick Google search seems to suggest so. Admittedly, “cyber security industry male dominated” is a somewhat loaded search, but the point still stands. By simply peering over my monitor and surveying the Bulletproof office, I am greeted by the many grizzled faces of men staring fixedly at their screens hard at work, or at least pretending to be.
I exaggerate of course, but there is a case to be made that considering the global shortage of cyber security professionals, the industry needs to be working harder to encourage people from all backgrounds to get involved. Having said that, trends are slowly moving in the right direction. For example, the number of women CISOs has grown to 20% in 2019.
However, this logically means that 80% will be male, which is not necessarily what you will call a balanced figure. Despite this growth, there is an argument to be made that less women are currently working in ‘tech’ overall than there were in the 1980s. Furthermore, following the news that the UK government has issued new funding to help drive diversity in cyber security, it’s clear the industry is falling behind other industries as far as diversity is concerned.
Lots of intelligent people have talked around this subject, and there still isn’t much of a consensus as to why this is. I very much doubt that I’ll be the one to solve it. Of the limited skills I possess, solving age old social issues isn’t one. However, there are various factors that should be considered.
For example, cyber security makes up part of the vast sector that can be defined by the vague term ‘IT’. In 2018, a mere 7% of tech positions were held by women in Europe. So naturally, being a small wedge in the cheese of IT, it’s not surprising that cyber security is lacking in women.
There is a case to be made that the fact that industry is so male dominated, contributes to it remaining as such. That’s not to say that the industry is being deliberately managed as a ‘boys club’, though there are undoubtedly isolated cases where this is sadly true. Representation is important. If recruitment fairs or industry talks aimed at student types are invariably sporting male faces, potential recruits may well get the impression that cyber security is for men. It reinforces a stereotype.
A study conducted in 2017 states that most women decide against a career in cyber security by the time they are 16. Obviously, I am over simplifying. There are no doubt numerous factors that come into play, but young people are notoriously impressionable.
There’s also the image of the cyber security expert. Search “hacker” (a term largely synonymous with cyber security) and you’re usually greeted with numerous pictures of a man wearing a hoodie. As far as mainstream culture is concerned, hackers are men and they are always cold.
This image keeps popping up whenever people discuss cyber security and, in some ways could go on to explain the shortage of experts in general. It’s not a positive image. It hints at something vaguely sinister and ‘nerdy’ and fails to highlight the fact that anyone can earn good money through a rewarding and legitimate career in cyber security.
Interestingly, it’s worth noting that the aforementioned image is somewhat outdated. Cyber security is becoming more and more about people than it is about tech. Just look at the evolution of phishing and other elements of social engineering. Phishing is all about convincing people to click links, download files or send money to accounts. Social engineering is all about knowing how people work and think and using this against them.
At Bulletproof, we’re seeing a huge rise in interest for our bespoke training programmes. Why? Because people are the most important part of any cyber security defence strategy. AI and machine learning technology is rapidly evolving and requires a lot of knowledge of how humans think and make correlations. Cyber security is more sociable than many people realise. Whilst, like any job, there is a lot of monitor staring involved, there are many other elements to cyber security that aren’t nearly emphasised enough.
At this point, I should address the fact that being a man myself, waffling on about the industry being male dominated may seem counterproductive. So, in order to get a better view of it, I spoke to Sarka, a Manchester based penetration tester, to get her thoughts on the issue. She has cofounded InfoSec Hoppers, which hosts quarterly meet ups for women working, or interested in working in cyber security. Their aim is to encourage women in cyber security to talk about their work, attend conferences, and encourage greater diversity in what is a vibrant field.
Sarka says, ‘I think the whole wave of attention to less women in tech has put attention on the wrong side of things. We, as an industry, are lacking skilled professionals full stop.’ Which is certainly true. It’s said there will be a shortfall of as many as 3.5 million vacancies in cyber security by 2021.
Sarka goes on to say, ‘The issue I see is the vicious circle of needing experience just to get experience. I see so many people from my community that can’t find jobs because of this, and that’s the real issue with our industry now. It should be about skills and not gender.’
So, therein may well lie the problem for both the shortage in cyber security staff as a whole, and for the apparent lack of women. Companies have vacancies that they want to be filled by people with at least X number of years in the industry.
That is all well and good, but unless they are also creating positions for those fresh out of school or university, then there’s no way for a new generation to get X amount of years. It seems logical that, if an industry is currently dominated by men, and it’s becoming increasingly difficult for people to get their foot in the door, then the industry will remain dominated by, not just men, but the same men.
There is plenty of talent or potential talent out there, we just need to nurture it and hone it to create the next generation of cyber security experts. That’s not to say we should seek out diversity for diversity’s sake, but (as CREST President Ian Glover puts it) ‘for the sake of the industry. By consistently taking people from the same backgrounds, we’ll keep coming up with the same approaches and solutions.'
If we can alter the image of the cyber security professional from the basement dwelling, anti-social anarchist to something more palatable, then more people might develop an interest.
More people will generally mean greater diversity. If we then go on to provide more entry level opportunities that don’t require an incredibly detailed CV, then that interest can be developed into a bona fide security expert.
The notion of ‘hacking’ becoming intertwined with the idea of cyber security is also problematic. Too many people think the only job available in cyber security is penetration testing or bug hunting. Not everyone likes the idea of becoming a hacker, but that doesn’t mean cyber security isn’t the industry for them. The truth is there is a huge variety of jobs, such as SOC analysts, DPOs, network architects, digital forensics and more.
Ultimately, it doesn’t matter who you are, if you’re interested in tech and passionate about cyber security, the industry wants you – nay it needs you. There’s a wide variety of jobs in the industry to suit different interests and skill sets. Check out our careers page if you’re interested in working for Bulletproof. If there are no current vacancies, send us your CV anyway and we can see if we have a position for you.
We’re proud to say we take on keen graduates and offer work experience placements with the hope to furnish the next generation with the skills to take on tomorrow’s cyber-threats and progress in a truly rewarding cyber-security career. We need to fill the staff shortage gap before it really becomes a problem.
Joseph is a Communications Executive and Security Blogger who has contributed articles covering a range of topics including staying ahead of cyber threats.
Find out how to secure your business in 10 steps with our free best practice infographic.
If you are interested in our services, get a free, no obligation quote today by filling out the form below.
I'd like to receive Bulletproof communications about relevant services and events
For more information about how we collect, process and retain your personal data, please see our privacy policy.