Keast-Butler takes on the role in May and aims to make the UK more secure through diversity. Credit: UK GOV The UK government has appointed Anne Keast-Butler as the new director of intelligence, security, and cyber agency Government Communications Headquarters (GCHQ). Keast-Butler was appointed following a cross-government recruitment process and will succeed Sir Jeremy Fleming, who is stepping down after six years in the role. Keast-Butler, currently serving as deputy director general at domestic counterintelligence and security agency MI5, will become the first female director of GCHQ. She will take up her post in May.Prior to MI5, Keast-Butler spent two years on secondment to GCHQ as head of counter terrorism and serious organised crime. She has also spent part of the last decade on secondment in Whitehall, helping to launch the National Cyber Security Programme – an £860 million, five-year initiative to tackle cyberthreats and make the UK safer.Keast-Butler’s security exercise will help combat cybercriminals, malign foreign powersKeast-Butler’s proven track record at the heart of the UK’s national security will help to counter threats posed by terrorists, cybercriminals, and malign foreign powers, said foreign secretary James Cleverly. “She is the ideal candidate to lead GCHQ, and Anne will use her vast experience to help keep the British public safe,” he added.Anne’s appointment is fantastic news for the organisation, added outgoing GCHQ director Fleming. “I have worked with Anne for decades and think she is a brilliant choice with deep experience of intelligence and security in today’s technology-driven world.” Keast-Butler aims to make the UK more secure through diversityKeast-Butler said she is delighted to become the seventeenth director of GCHQ and looks forward to working alongside a team of people from diverse backgrounds with a broad range of skills who share a singular focus on making the UK safer, more secure, and more prosperous.“In just the last year GCHQ has contributed vital intelligence to shape the West’s response to the illegal Russian invasion of Ukraine, helped disrupt terrorist plots, and worked tirelessly to tackle the ongoing threat of ransomware, the impact of which costs the UK dearly,” she added. Cybersecurity still has poor female leadership representationThe appointment of a female to such a notable security leadership role for the first time is significant, particularly given the cybersecurity industry’s poor track record in attracting and retaining female talent.Research led by cybersecurity PR firm Eskenzi revealed that women only hold 21% of leadership roles and 17% of board member positions within the world’s leading cybersecurity companies. Most management roles women hold within cybersecurity organisations are in either marketing, people, or HR positions, the survey found. Meanwhile, one in ten companies listed no female leadership on their websites.ISC2’s 2022 Cybersecurity Workforce Study found that women account for 30% of global cybersecurity workers who are under the age of 30, with that figure dropping to just 14% of those 60 or older. It also found that women across the board remain underrepresented in advanced, non-managerial positions, where they make up only 17% of the respondent base.“This is a momentous moment for women’s representation. Diversity in cybersecurity is key because we need a real mix of minds to provide solutions to oncoming threats and ensure our own systems are unpredictable,” said Anna Brailsford, CEO of Code First Girls. Women who may never have considered a career in codebreaking, intelligence, and tech will now see a director that looks like them and think again, Brailsford added. Related content feature How a digital design firm navigated its SOC 2 audit L+R's pursuit of SOC 2 certification was complicated by hardware inadequacies and its early adoption of AI, but a successful audit has provided security and business benefits. By Alex Levin Nov 28, 2023 11 mins Certifications Compliance news GE investigates alleged data breach into confidential projects: Report General Electric has confirmed that it has started an investigation into the data breach claims made by IntelBroker. By Shweta Sharma Nov 27, 2023 3 mins Data Breach opinion A year after ChatGPT’s debut, is GenAI a boon or the bane of the CISO’s existence? You can try to keep the flood of generative AI at bay but embracing it with proper vigilance is likely the best hope to maintain control and prevent the scourge of it becoming shadow AI. By Christopher Burgess Nov 27, 2023 6 mins Generative AI Data and Information Security Security Practices feature Rise of the cyber CPA: What it means for CISOs New accountant certification rules starting January 2024 could deliver many new cybersecurity-trained accountants. Is this good or bad news for CISOs? By Evan Schuman Nov 27, 2023 7 mins CSO and CISO Compliance Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe