Why an all girls team is likely to win the cybersecurity challenge - if any enter.

The press cover for the first of the 2014 Cybersecurity Challenge competitions in Wired and the BBC illustrates the problem of attracting women into security related careers – even though we now know that women were not only 70% of the overall workforce at Bletchley Park, but provided several of the elite codebreakers and ran much of the operation with not a fit man of military age in sight (save for a few math prodigies, engineers from Dollis Hill and  BTM and the officers who handled liaison with the Military).

The women programmed and operated the Bombes and Collossi and ran the Registry: alias the Sigint processing operation that was central to the success of the entire operation. [Then, as now, the signal headers and routing information, alias “communications data”, alias “meta data” was often more important than the message content].

That is not, however, one of the “messages” that GCHQ, NSA (or Google) wish us to understand – let alone appreciate because of the consequences if we were to fully understood the implications for our personal privacy and security in a world where everyone is tracking what we do on-line and claiming the right to refine the new “oil” for sale to …

No wonder those creating the myths for the actors in the theme park have no wish to have visitors listening to elderly volunteers who remember the reality, including the transition to the Cold War. Hence the importance of the schools programme run by the museum.  
There is a splendid (albeit sometimes using terminology that is annoying for someone as politically incorrect as myself) paper on the gender biases at Bletchley . These reflected those of the armed forces at the time and led to a complaint that the women were treated as girls – not equals.

But many, indeed most, were “girls”:

Rosalind Hudson , the youngest of the 13 cryptanalysts in Hut 8 was only 15.

Few were over 25. 

Mavis Batey (said by some to be more gifted than Turing) was only 19 when she and Margaret Rock broke the Italian Enigma system in time for a surprise Italian fleet attack on a troop convoy to be turned into the Royal Navy’s last “fleet action”, the Battle of Matapan.

Dilly Knox‘s comment, when fighting in vain for Margaret Rock (who was older) to be placed in the right pay grade, because she was “quite as useful as some of the professors”, should be seen as a direct comparison with Alan Turing, whose nickname was “Prof”.

The team of Batey and Rock went on to break the four wheel Abwehr (German Secret Service) Enigma Code and enable the system to be reverse engineered in time for the Double Cross System, central to the success of the Sicily and Normany Invasions. Meanwhile Turing’s intellectual peer, fiancee (but not for long) and successor in running Hut 8 (albeit with a man nominally in charge to handle the military interface), Joan Clark , was similarly airbrushed out of history – perhaps because she was still working for GCHQ when FW Winterbotham broke the secret of Enigma in a book which misled readers as much as it informed them.

Perhaps that airbrushing was thorough because of the “girls” who went on to have careers at the heart of Cold War espionage (albeit the talents of many others were sadly neglected).

Dilly Knox’s “Epitaph on Matapan to Mussolini”:

“These have knelled your ruin, but your ears were far away
 English Lassies rustling papers through the sodden Bletchley day”

appears to have remained classified until after the last of the Bletchley “girls” had retired from GCHQ. And some of what they did, while rustling those papers, has still not been released.

So how do we attract the Hudsons, Batey’s, Rocks and Clarks of today?

– bearing in mind that one of the most subtle practitioners on the “Dark Market” is said to be a woman, not just a man masquerading as one. I assume the reason we know she really is a “she” is that she is among those on the staff of GCHQ and the NSA who increasingly frequent the various forums – as they begin to pay more attention to protecting us, not “just” the state.

That leads me to the quote from Stephanie Daman, CEO of the challenge and previously Head of Group Information Risk for HSBC  which concludes the BBC article on the challenge:

Do we really think GCHQ operations affect us on a daily basis? I would say it’s the banking system, or the ability not to do your Waitrose shop. At another level it’s the ability to have electricity in your house.

Cybersecurity underpins so many things – GCHQ is just a small piece of a much bigger puzzle. I can understand why it might be troubling for some people, but I think the focus on GCHQ misses the much broader picture.

One of the things I learned from the first Women into IT Campaign [1988 – 92 and we raised the intake from barely 10% to over 30% only to see it fall back again afterwards as the lessons were ignored] was “Vive La Difference”. On average women are very bit as good as men at most of the functions in IT (markedly better at some) – but tend to have a different approaches to problems. One of those is a desire to understand the context and the objectives, as opposed to “playing with technology for its own sake”. That is why I would expect teams of girls to be rather better at identifying what motivates the Flag Day Associates and who they are, not just how they operate and how to protect against them.  

The issue is to get the girls to understand not only why they are likely to succeed and to enjoy themselves but also the range and variety of constructive careers to which success will open the door. And that depends on employers who want to be able to assess the best of the talent coming out of out schools and colleges understanding how and why they should support the Cybersecurity Challenge – including this competition and those being organised to get the youngsters of today to look at the careers of the future and how to attract their peers.

I will blog on the latter later. This is enough for now.