Metin Mitchell

Metin Mitchell

This year I am delighted that we have launched our cybersecurity practice to help our clients address one of their most critical issues, that of assessing and sourcing cybersecurity talent.

Much has been written about the growing shortage of cybersecurity skills and here I share just what the scale of this shortage is and its impact on business.

The most recent report is from CapGemini.  Last month, their report, Cybersecurity Talent: The Big Gap in Cyber Protection, showed that corporate demand for cybersecurity skills is rising faster than internal supply.

They surveyed more than 1,200 senior executives and front-line employees and also included social media sentiment of more than 8,000 cybersecurity employees. 68% of organizations reported high demand for cybersecurity skills – compared to 61% demanding innovation skills and 64% needing analytics skills.

They then measured this against the availability of existing, proficient skills in the organization – and identified a 25% gap for cybersecurity skills. Their report said there was already 43% availability of proficient skills.

They predict that demand for cybersecurity talent will grow over the next 2-3 years; 72% of respondents predicted high demand for cybersecurity in 2020, compared to 68% today.

Capgemini chart

The industry magazine, Information Management, reported on two studies at the end of last year which they said gave “an alarming view of the state of data security” with organizations complaining of woeful lack of cybersecurity professionals.

The CyberSeek report from CompTIA, which tracks supply and demand in the cybersecurity space, says cybersecurity jobs must double in order to meet current demand. While the 2017 RedSeal Resilience Report says a majority of organizations lack the tools and resources they need to protect their data assets.

According to the RedSeal report, the data threat landscape is evolving much faster than security teams can respond. Nearly 80% of respondents said “they could not access insights that help to prioritize their response to a data security incident”, while 55% said they could not react quickly enough in the event of a major security incident.

Only 20% of organizations said they are extremely confident that they could run as usual after discovering a cyberattack or data breach.

It is concerning that most organizations (55%) say they don’t test their data security strategies enough because they are too resource intensive, take too much time or outside budget. It could be argued that this is because there is not enough budget commitment to this area – but the report suggests it is more down to lack of skilled people.


According to Cisco, in its 2017 Annual Cybersecurity Report, the main barriers to adopting advanced security products and solutions are budget (35% of respondents), product compatibility (28%), certification (25%) and talent (25%).

Cisco obstacles to security

cisco data 3

So what should organizations be doing?  My colleague, Raef Meeuwisse looked at this in his blog Is there really a cybersecurity skills shortage?

The CapGemini report offers the following to address the problem

  • Integrate security across the organization
  • Maximise existing skillsets – many employees are already investing to update their own skills, are they being used?
  • Think outside the box in recruitment, “for example, people on the autism spectrum are fantastic at pattern spotting and are often blessed with numerical and problem-solving skills, attention to detail and a methodical approach to work – all useful traits for cybersecurity best practice”

I would agree about thinking outside the box in recruitment and that is what we are focusing on in our practice.

However, what is interesting is that these reports cover the shortage in current cybersecurity skills, as we know them.

But I increasingly believe we need a new model of cybersecurity skills at leadership level – people who have strong technical skills but can also influence behaviours. Cybersecurity is not just about technology – it is about getting employees across the board to implement best behaviour.  Not pin their password on their computer screen, use their dog’s name for their password or fail to update as requested by IT. 

The new breed of professionals need to be great communicators and persuaders as well as having strong tech skills.

Could this open up new areas to find the cybersecurity skills we need – or will it make the skills shortage even worse?

I have just finished attending the Women in Leadership Economic Forum in Riyadh and come away full of enthusiasm and optimism for what is going on in Saudi Arabia and the future for its very bright women.

There were some great speakers from Saudi Aramco (Yasser Mufti), STC (Ahmad Al Ghamdi) and of course our own UAE’s Lubna Qassim.


The panel discussion I was involved with – diversity driving innovation -  was expertly moderated by Eithne Treanor who drew in large audience participation. My fellow panellists included Seta Tutundjian of the ICBA, Euan Hosie of GSK and Maysoun Ramadan of Roche. We and the audience had these overwhelming messages for Saudi Women: the time is now – never has the leadership of the Kingdom been as supportive to the inclusion of women in the workforce as today; women need to support each other on the journey to the top; find role models – female or male; don’t get discouraged when things go against them; do things going with the grain of the culture rather than against it.

Our panel’s theme is a challenging topic and I looked at some of the issues in my earlier blog, Does diversity drive innovation? My fellow panellists were adamant that yes, diversity does drive innovation.

When I was researching material for my panel contribution, I came across an article in the National Geographic on heart disease – this was in the States. Women were being misdiagnosed and sent home with heart problems – because they don’t have the same symptoms as men when they have a heart attack.  And apparently for years, all their research had been based on the physiology of an average-sized male.  No-one had thought to factor in gender as a variable in the research!  This article had numerous similar examples where research was poor quality because gender hadn’t been addressed.  They – and I am sure all of us – believe that if you had had more women working on these projects, it would have been a no-brainer to ask, would gender make a difference?!

It’s one thing to recognise the need and the benefits of more women working in STEM (science, technology, engineering and mathematics) but organisations across the world are struggling to achieve this, despite the best of goals and intentions.

As a headhunter, one of the things I wanted to share was the critical ways to achieve a step change in gender balance.

The most important issue is to recruit for skills, not experience.  The natural tendency is always to draw up a job spec based on the people who have done the job before. As an example, I once worked with a bank who were keen to have more women on their shortlist. The original brief said we needed someone with 20 years’ experience in IT. But women in the Gulf haven’t been working in IT for that long, so you immediately exclude them.  Instead we looked at the skills needed for the job and there were then a number of women who had been doing amazing things in transforming IT and that then shifted the game. That is how we will transform diversity and innovation in organisations.

While I was on the panel, I had in my head so many stories from the amazing Saudi women I interviewed for our report, Roads to the Top for Saudi Women.  And their stories, ambitions, advice were all reflected at this extraordinary conference.

Saudi women

You can sense the energy and passion from just some of the tweets, shared here




This was a really great event and my congratulations go to Naseba for organizing such an important gathering and putting the spotlight on what women are already achieving in the Kingdom – and their critical role over the next decade.

Tuesday, 13 March 2018 09:08

Does diversity drive innovation?

I am delighted to be on a panel next week, at the WIL Economic Forum in Riyadh, speaking on ‘Diversity drives Innovation – here’s why it works’. 

In fact this is quite a challenging topic – everyone’s instinct is to say, ‘Of course, having more women and more diversity in an organisation will increase innovation’.  In fact someone recently said, ‘it is a no-brainer’. But where is our evidence? 

I am looking forward to hearing the views of my fellow panellists:  Ravi Kumar, head of human resources at Roche Diagnostics Middle East; Seta Tutundjian, director partnerships & knowledge development at International Center for Bisaine Agriculture; and Euan Hosie, HR country head – Gulf at GSK, with our moderator Eithne Treanor

Our panel is particularly looking at the challenge for GCC countries that are transforming their natural resource-dependent economies and looking to STEM (Science, Technology, Engineering and Mathematics) skills to create more knowledge-based economies. While women outnumber men in the classroom, this has yet to translate to the job market

In this blog I want to look at my own experiences in GCC and how I see diversity increasing the rate of innovation.  I have spent 20 years in the region in executive search, finding both male and female executives for top jobs and delighted to see how often women bring new ways of thinking and working to a business.

I was also privileged to interview a number of leading Saudi women for our report on Roads to the Top for Saudi Women -  and draw on these extraordinary women’s insights also.

Over the years, I have seen time and again that it is women who are the outstanding candidates on our shortlists. And many of the Saudi women I interviewed, gave examples of companies recruiting more women – especially into IT and technical positions – who then often outperformed the men.

So my first observation is that diversity – specifically bringing more women into the workplace – is driving performance.  And when you get high performing cultures, you get innovation coming from this.

When researching to find more evidence for this, I found Rocio Lorenzo from Boston Consulting Group who carried out research to find this link between diversity and innovation.  Her team surprised even themselves.  Have a look at her Ted talk on How diversity makes teams more innovative – and linking innovation to performance.

She said that to see a big difference in innovation, you need more than 20% women in leadership positions – and when you look at the graph below, you will see the leap is astonishing – 10% more revenues.

Median innovation revenue

Rocio admitted that she had not seen diversity as a problem when she was younger – her university was 50/50 men and women and she didn’t feel any barriers.  But as she progressed in her career, she increasingly found herself the only woman in meetings. She had had a theory that as more women got higher education qualifications, they would naturally progress into leadership positions.  As this chart below shows – how wrong was this expectation.

education 1 

Rocio admitted they weren’t sure about the ‘chicken and egg’ of their research (which came first – the chicken or the egg?!)

They don’t know if more diversity leads to being more innovative and higher performing – or if more innovation leads to more diversity.  But as she said, it doesn’t really matter – the truth is that diversity meant more innovation and better business performance.

I will share the key findings from the conference next week – and more of my own thoughts on this topic.  But in the meantime, I would love to hear from others who have evidence of diversity increasing innovation – and performance.

It does feel a no-brainer – but we need to back this up to convince those who are still sceptical!

It used to be said that the only certainties in life were death and taxes. To this grim list a third is now added: you will be victim to a cyberattack. No company, no organization, no individual is immune.

The quickest way for a CEO to lose his or her job is to be ill prepared for an attack. How well a CEO prepares and how well their team deals with a cyberattack will all determine whether the CEO gets to keep their job when the bank is attacked.

One of the clearest signs that a bank is taking cybersecurity seriously is that the Chief Information Security Officer (CISO) or equivalent reports direct to the chief executive.

Yet research shows that of the top 40 banks in the Middle East incredibly more than two thirds do not have a CISO as a direct report… Banks are just not taking cybersecurity seriously.  It must start with the top, the CEOs and the boards of banks.



If you doubt this, think of the big attacks that we all know about: Saudi Aramco, the NSA, Sony, the British health service (NHS), Target, Yahoo, Uber, ABN Amro, JP Morgan.  And then guess at the ones that we don’t know about…

Consider for a moment the world we live in today. On the one hand we are in the middle of a Cold War that by some estimates is worse than the 1960s and 1970s – today nation states regularly make cyberattacks on non-military targets, harming commercial organizations and utility companies alike.  On the other hand, we are in a world drowning in technology that opens up a myriad of vectors for us to be targeted by cyber criminals. Be under no illusion, cyber crime pays – it is a low risk, high reward activity. And at present rates it will grow in to a two trillion dollar industry globally by next year.

The only thing you can do is to reduce the chances of a successful attack, reduce the potential impact and ensure that you have an effective recovery plan.

The other sign that banks are not taking cybersecurity seriously is by looking at the profile of the CISO or senior security expert. All too often the CISO has been promoted up through the IT function. So cybersecurity is seen as a purely technical problem rather than as a major business issue and of strategic importance.

Cybersecurity is far from just being an IT issue. It is a complex multi discipline issue. Yes, of course there is an important technical side, but it also requires thought about how an organization does business, who it does business with.  It encompasses legal issues, PR issues, HR issues. And most importantly, the CISO has to have a strong voice and the business skills to be able to communicate effectively the risk for the business/shareholder values to the CEO and the Board, as well as the required budget allocations and business changes to mitigate those risks.

How many of today’s CISOs in the Middle East have the skills to do that or more importantly, how many are empowered to do that and drive forward a multi discipline approach to cybersecurity?

What do banks in the Middle East need to be doing differently?

Cybersecurity has to be a board and CEO issue. The CEO has to be driving the cybersecurity agenda by sufficient allocation of budget to cybersecurity, elevating the status of the CISO, investing in skills development of the CISO and his/her team, ensuring that the whole bank has been trained in cybersecurity awareness, and be obsessed with protecting the bank’s assets.

If the CEO does this, then when the attack comes it can be dealt with quickly and any impact eradicated and the bank can return to business as normal. The CEO who has shown due care to shareholders and leadership in driving the cybersecurity agenda of the bank will get to keep their job.

News release

14 February 2018

Two thirds of bank chief executives (71%) in the Middle East could be at risk of losing their jobs because they are not managing cybersecurity risks effectively.

Research shows that only 29% of Middle East banks with assets of more than $10bn have a chief information security officer (CISO) reporting directly to the chief executive – a key sign among cybersecurity professionals that an organisation is taking and managing these threats seriously. More than a third (35%) of CISOs have no direct reporting line to any C-level executives.

The research was carried out by Metin Mitchell & Co into the 49 qualifying banks in nine countries. No country was an outstanding performer; the two highest performers were Qatar (40%) and the Kingdom of Saudi Arabia at 38%.

Metin Mitchell, founder of the Dubai-based firm which specialises in executive search for Middle East financial services, said: “If cybersecurity experts are to have any impact in a bank they need more than technical skills – they also need a strong voice and business skills. They must be able to communicate effectively to the CEO and the board on the risks to both the business and shareholder values. They must also have the required budget and the ability to influence decision-making to mitigate those risks. 

“How many of today’s CISOs in the Middle East have the skills to do that? And more importantly, how many are empowered to do that and drive forward a multi disciplined approach to cybersecurity? How well a CEO prepares, and how well their team deals with a cyberattack, will all determine whether a CEO keeps their job when the bank is attacked.”

Raef Meeuwisse - ISACA governance expert, author and cybersecurity adviser to Metin Mitchell & Co – explained the importance of CISOs reporting to the chief executive: “There is a shortage of cybersecurity skills. In a market competing for resources, the best talent goes to the organizations that look most appealing to work for.

“Security staff are not like normal people. They are not interested in your sector, turnover or profit. They want to know if your organization has the security fundamentals in place. Are you likely to still be operating in a few years time? One of the easiest ways to check is simply to ask, is your CISO reporting to the main board – and in the case of financial services this would be to the chief executive.”

Metin Mitchell & Co has launched a specialist cybersecurity service to recruit senior cybersecurity talent and advise on how best to structure and manage this cybersecurity talent.

I was delighted to see a recent survey that young adults in the UAE are more likely to consider a career in cyber security than their peers elsewhere in the world.  While it is heartening that the world – and especially the UAE – is waking up to the issues and the skills we need, it got me thinking about how cyber security careers are developed and a gap that I don’t believe is being addressed.

In the course of my work, I regularly meet chief executives and C-suite directors to discuss their businesses and executive search needs – particularly in financial services.  Over the last year or so, concerns over IT and security have become a running theme. And at the CFO Strategies Forum in November, there was considerable discussion around the role of CFOs in the face of automation – which of course includes IT and cyber security.

The big gap that is not being discussed or addressed is communication.

An organisation may have all the latest technical expertise in the world, but in the end security comes down to the practices of thousands of individuals in the organisation.  And if the IT team cannot influence and persuade those individuals to change their behaviours, the most expensive kit becomes useless.

Let me give a practical example of where I see the weakness.

Last summer the world was hit by Wannacry ransomware attacks in 150 countries and this included attacks on many hospital trusts in the NHS in the UK.  After an investigation by the UK government, a report by their National Audit Office concluded the NHS was vulnerable to attack ‘because cyber security recommendations were not followed’.  A former chairman of NHS Digital blamed the attack on lack of time and resources but also ‘frankly a lack of focus, a lack of taking it seriously’ in keeping up with cyber security improvements.

But while the hospitals are being blamed for ignoring the advice, no-one seems to be challenging the people giving the advice and their ability to explain, persuade and influence the hospitals that these issues are serious.  Rory Cellan-Jones, the BBC’s technology correspondent, added his own commentary to this story, “To be fair, the Department of Health had developed a plan – it was just that it had not been properly communicated or tested in the NHS trusts”.

For me, perhaps the most depressing element of this story is that at the end of last year, NHS Digital announced £20m investment to ‘boost its ability to support the NHS with digital security’ in response to the attacks. This money is to be spent on

  • A monitoring service analysing intelligence and sharing guidance, advice, threat intelligence and remediation to relevant contacts in health and care
  • On-site data security assessments for NHS organisations, to enable them to identify any potential weaknesses and to get the best value from local investment
  • Specialist support for any NHS organisation which believes it may have been affected by a cyber security incident
  • Ongoing monitoring of NHS Digital national systems and services

As far as I can tell, NHS Digital was already doing all this – to a lesser or greater extent. The reason the hospitals were attacked was not because there hadn’t been assessments or advised of the risks and even what they needed to do (some basic patches added to Windows 7) – it was because they hadn’t implemented the advice they were given. 

So what will change?  What needs to change?

I believe we need to redefine what cyber security means.  Do a Google search and you will see definitions around ‘body of technologies … to protect networks, computers, programs and data from attack’.  What we need to recognise is that technology is not enough on its own. You must have great communication and influencing skills alongside the technical ability.

Just as we agreed at CFO Strategies Forum that CFOs must be great communicators to be effective, so we need cyber security experts who are also great communicators.  They must be able to understand and influence human behaviour (everyone knows they should have different passwords and change them every month – how many do?) and find solutions to human frailties – these are the weak links in cyber security.

And that means those who are creating courses for the next generation of cyber security experts – such as Khalifa University of Science and Technology and Raytheon’s Cyber Academy which carried out the survey I mentioned earlier – must include skills in communication and influencing behaviour as much as focusing on technical skills.  This also applies to those leading national policies such as Omar Bin Sultan Al Olama – recently appointed the country's first Minister of State for Artificial Intelligence at the age of 27.

As with most boardroom and leadership issues, the theory and the logic are nothing if you cannot bring people with you. 

More women than ever before are starting careers in the Kingdom of Saudi Arabia, helped by the Vision 2030 goals and government policies such as Saudization.

But as more women enter the workforce, new challenges are emerging in terms of how to balance a career with roles in the home and as a mother – a debate that continues to occupy women across the world. Nevertheless, in Saudi Arabia a cohort of well educated and ambitious women are leading the way and we’re seeing female leaders heading large Saudi companies and that is extremely exciting to witness.

With the importance of family being at the heart of Saudi society – one interviewee for our report, Roads to the Top for Saudi Women said, “The family unit will always remain the major portion of a holistic, stable society.” So what role can mothers play – both in the home and in wider Saudi society to set an example and influence girls to strive for a successful career?

Mothers are important role models in the home

Many of the women I spoke to talked about the example set by their parents and how that influenced their drive and ambition. One said, “I have a very ambitious mother and father and I am a very ambitious person”.

But the importance of mothers in particular, and the positive example they set for their daughters, was a recurring theme of our conversations. Expanding on this, one interviewee said, “In my family, my mother is one of the strongest women I have met and she always focused on education and never took no for an answer. For her everything is possible, there is always a way to get to what you want or do what you want.” She added, “She pushed for independence – in thought, financially, making decisions, failing – she was setting the stage of always looking to do more.”

This idea that “if she can see it, she can be it” is at the heart of this, the understanding that “you have opportunities and you can go out and take them” is an important lesson not just for young Saudi women but for women globally. But how can families in the Kingdom build on these lessons in future?

Women as role models in wider society

Women have acted as powerful role models outside of the family unit in the Kingdom. There is no doubt that female members of the royal family have changed views in wider society and inspired women in the leadership roles they have taken on. Queen Effat was particularly mentioned by several interviewees. One said, “When princesses started working, they broke a taboo. Families used to be reluctant to allow a woman to work because it looked as if they couldn’t afford to live without her income. The princesses showed that work for women is as much about self-realisation.”

Instilling boys with the same values

While the focus of our report was on women, several of those we spoke to stressed the importance of teaching young men that women and girls are just as deserving of opportunities as they are. One interviewee summed up her thinking by saying there was a “responsibility of mothers to teach their sons they are not better and ‘don’t deserve extra candy’”.

Another said, “mothers need to raise sons without gender stereotyping and daughters to think of more than just marriage.”  Keeping the family at the heart of Saudi society but teaching the lessons that will help girls to reach their full potential as adults will be important for the Kingdom going forward.

Setting an example for the future

Setting an example for the next generation has been one of the strongest themes from my interviews with female leaders in Saudi Arabia. They are proud of what the Kingdom has achieved in just a few decades – and are keen to be role models and encourage more women into work and especially middle management. 

Women being able to drive in Saudi has been one of the most visible messages of change both within the Kingdom and to the wider world.

But while many might see this as a move for Saudi to become more ‘western’, what was clear to me from my interviews was that Saudi women want to do all this in their own way.  They do not want to be like the West, nor even like other Middle East countries.  They have their own values and vision – and I am certain that we will see more female leaders in the Kingdom, leading in their own distinctive way. And who knows, these women could find new ways to combine motherhood and work that the rest of the world could learn from. No-one pretends to have all the answers to this particular challenge.

Rumi Contractor is President & COO @ Quinnox Inc., a technology-driven services organization for businesses. Here Metin Mitchell interviews the former CIO and Group General Manager for HSBC  on the security risks facing corporates and how boards, in particular, should respond.

Metin Mitchell (MM): What are the cyber security threats facing businesses and how well are boards managing these risks?

Rumi Contractor (RC): Cyber security has become a hot potato in recent times with more and more high profile cases emerging – just this week we heard Uber paid off hackers who stole the personal details of 57 million riders last year. However, the reality is that most board rooms do not really grasp the high stakes they are risking each and every day - as the trustees of companies and businesses they are required to help protect as well as manage and grow those businesses.

MM: I recently chaired a panel for CFO Strategies Forum and the role of CFOs in automation. What should boardrooms be doing to address cyber risks?

The world is becoming more and more connected and this trend is only going to keep getting bigger and more complex. The more connected systems become, the more breakpoints – these are opportunities to ‘hack’ or ‘leak’ in the fabric of an organization. I do not claim to be an IT security expert but I understand the risks that are out there and I understand how they can happen and I also know the possible ways to breach those gaps. This experience is not easy to come by for most boards. I have always believed that boards need to stop hiring and using the CIO has a technical fixer and more as an expert who has an ability to translate business goals and needs into technical strategies and blueprints WHILE taking technical issues and translating them into business speak and plans.

MM: What are the main cyber security risks for corporates?

RC: At the end of the day, a security breach which causes real damage involves ‘stealing data’ or ‘manipulating data’ or ‘denying access to YOUR data’. That’s the crux of what really happens in a cyber-breach.

MM: Can you give me some examples of these security breaches?

RC: The first is when someone tries to get into your systems from the outside. These could be hackers trying to bombard your networks and find a vulnerability to get access to your servers, computers, networks and databases.  Usually they get into YOUR environment through a loophole that they have managed to identify from a vendor related weakness – say, because your team did not ‘harden’ the peripherals in your IT landscape.  Or because your customer and/or employees have allowed these hackers to get into devices they use to access your corporate systems and networks. Or maybe people have left their devices and systems unsecured and through social engineering, access has been gained by those who are intent on causing you harm.


To bring an analogy of a house, this is where the burglar finds a window left open and climbs in, or someone finds your telephone line outside and taps the connection and listens into your darkest secrets, or finds a lock that is really weak and easily manipulates the same and gains access to your home.

The second category of cyber security breach is one which is most common – internally generated. This is where people have opened connections from inside the corporate environment intentionally (to provide access to others from outside) or done this through sloppy work or non-conformance to stated policies.  In either case this access is not because the systems were not ‘hardened’ or that you did not have solid security policies, it is either through stupidity or malicious intent. This is usually harder to identify and avoid. Hence it becomes important that you have systems and monitoring tools that are able to detect such abnormalities as and when they occur.

This is akin to someone in your home intentionally or through carelessness leaving the door to your home unlocked or a window open. You might have a WiFi router with a default password (Admin) which is then accessed by someone from outside the house (from close proximity) and gaining access to data that is flowing between the devices inside the house and the internet!

The last category is one where the house is secure both from the outside and the inside BUT the appliances you have inside the house are probably tainted with ‘loopholes’ that allow access to someone with a bit of sophistication and understanding of these matters.

More and more devices are connecting to each other (through the Internet of Things - IOT).  Some examples would be WiFi Routers, Amazon Alexa, Google Home Devices, Android Operating Systems on your TV, streaming video dongles, connected refrigerators, mobile phones and more.  If they have any loophole – because of a recent operating system update or downloading a Trojan horse during an internet or social media surfing session – then it may end up tainting other devices or rendering them ‘exposed’ – and possibly under the control of Ransomware security ‘bots’.

We have had a busy year helping our clients identify the talent that will be needed to ensure countries and businesses achieve their ambitions in the next decade. What will be different? What will be the challenges? And what are the opportunities for individuals?

In this newsletter we share the findings of two reports into talent for Saudi Arabia – our thanks to the chief executives and women who shared their insights and views to contribute to this research. We look at the trends for expatriates in the Gulf generally and conferences where Metin Mitchell is speaking, including the roles and relationships of CFOs and CEOs.

mm report ceo final coverWhat makes an outstanding Saudi chief executive?

This research highlighted that future Saudi leaders must be able to communicate their vision clearly through the region’s period of great change, and able to make tough decisions as they drive through new efficient operating models and make necessary cuts. They also need to be able to spot opportunities.

Corporate governance will be the big challenge for chief executives of the future. They will have to understand the regulatory and compliance issues, but also learn skills in how to challenge board members – especially when these are senior family members.
The research found that while much can be learned from Western CEOs, it is important that key elements of national culture are not lost – particularly the genuine care for employees and the long term generational view of business.

Read the full report here.

mm report saudi women final coverKey steps to appointing women in top Saudi roles

Roads to the top for Saudi Women highlights the confidence that Saudi women feel about their working futures and what needs to be done to increase the number of women in the workplace.

While the findings are specific to the Kingdom of Saudi Arabia, the women’s comments will resonate across the Gulf region.

Based on interviews with pioneering women from education, medicine, financial services, philanthropy, e-commerce and the professions, the women share their views on how to encourage the next generation of working women – and the role of government, corporate and women themselves.

Founder Metin Mitchell believes that to increase the number of women working and in more senior roles there need to be flexible working patterns to combine family and work balance: “Work needs to be measured by outcomes rather than hours worked. Women are very good at working remotely and delivering results – they don’t always have to be in an office. A mentor should be appointed to new female recruits and HR and management need to look at how they hire for talent rather than experience.”

Read the full report here and you can also read an interview with Metin on this subject on Dubai Eye here.

enews 2

CFO Forum strategies, Dubai 15 – 16 November

Metin Mitchell hosted a panel looking at the future for CFOs in the face of automation. With artificial intelligence already automating much of the accounting function, can CFOs survive?

There was a robust debate with Dr Bernd van Linder, CEO, Commercial Bank of Dubai; Waleed Abu Eleiz, CFO, Alfa International and Adham Gasser, Regional CFO, P&G.

Read Metin’s blog on the CFO Forum Strategies event to see the conclusion!

WIL Economic Forum KSA, Riyadh in March 2018

The forum will bring together 1,000 female and male business leaders and policy-makers to advance women in leadership, with keynote speaker HRH Princess Banderi AR AlFaisal (the date will now be in March 2018).

Metin Mitchell will be chairing a panel on Talent Machine Panel: Bridging the skills gap, nurturing and retaining talent and sharing his own insights from the report and his 20 years of recruiting women in the Kingdom.

Dubai eye1

End of the road for expatriates in the GCC?

When Metin Mitchell wrote his blog, Have we reached the end of the road for expatriates in the GCC? he never imagined the extraordinary response this would generate.  On his LinkedIn profile alone, this had 53k views, 500 shares and 200+ comments.

He was invited to discuss his views with Dubai Eye – listen to the full interview here.

ABC Logo Dubai




American Business Council

Metin Mitchell & Co has joined the American Business Council. Please This email address is being protected from spambots. You need JavaScript enabled to view it. if you are a member and would like to discuss finding talent for your organisation.

From our blog

Subscribe to our blog to read about trends in talent and leadership in our region. Here are a few highlights:

Making sense of the Kingdom of Saudi Arabia

Interview with pioneering Dr Amal Fatani

Interview with bestselling author Dr Taghreed Al-Saraj

Could Saudi achieve more women in senior positions than the rest of the world?

Will a corporate governance framework create a clear path?


Tuesday, 19 September 2017 16:46

Women are Saudi’s secret weapon

Metin Mitchell interview with Dubai Eye on Roads to the Top for Saudi Women

Metin Mitchell was interviewed by Dubai Eye radio last month, about the role of women for the future of the Gulf region.

It was based on Metin Mitchell & Co’s report ‘Roads to the top for Saudi Women from interviews with Saudi female leaders who shared their insights and expertise to help future female leaders.

Metin Mitchell’s inspiration for the report came from his own mother and a female colleague, Ruth Tait (sadly passed away) who was a researcher and author on women’s leadership – the title of the report borrows from her writing. 

This is the transcript of the Dubai Eye interview, with the breakfast team.

Dubai eye1                                                                                                                    

Q:        How positive are Saudi women about the prospects for their working lives?

A:         They are very positive. One of the things that came out is how supportive they felt their families were and their country is of them.

Q:        How do you work this out? Working life for women in Saudi Arabia is difficult, you can’t travel by yourself, you can’t get around without a guardian... It is not the most obvious place for women to be happy in employment?

A:         Those are the headlines people focus on. What people don’t focus on is what women have to say for themselves and what they find is that things are changing very very quickly, that there are opportunities for them they would not have had before.

Q:        How did you do this research? Obviously you can go to an office and talk to women. But it is harder to find the ones who are not working? How did you carry this survey out?

A:         We interviewed a cross section of women from different sectors, banking, public sector, government etc and they were able to share their views.

Q:        So these are women who have already got jobs?

A:         Yes these are people who have got jobs but who are informed about their own society. These are people who have perspectives on what is going on around them.

Q:        So what was the headline finding?

A:         Saudi Arabia has ambitious goals and is going to make this happen.

Q:        Ambitions in what sense? In bringing women into every sphere, every line of work, every profession?

A:         Right now there are 22% of women in the workforce in Saudi Arabia. The first goal in the next three to four years is to get that up to 30%.

Q:        Does that mean that 22% of the workforce are women or 22% of women work?

A:         22% of the workforce are women.

Q:        We heard this morning that Saudi Air Navigation Services are set out to employ women as air traffic controllers for the first time. The Saudi Academy is going to train them in line with vision 2030 so this is another field open to them. If 22% of women are working what is Saudi Arabia aiming for to get into the workforce?

A:         By 2030 it will aim for something around 40% which is slightly below the global norm but in line with their own aspirations as a society.

Q:        Where do you see the most opportunities, in which sectors?

A:         Financial services is a big opportunity and I also think some more progressive conglomerates like the Olayan family conglomerate.

Q:        What training opportunities are available? Are there enough training opportunities?

A:         Saudi Arabia has big resources devoted towards training so I don’t think training resources are the issue but the willingness of companies to make it a priority, then you will see the changes happening.

Q:        Which is another great question. Are employers taking Saudi women seriously enough?

A:         Some are ... for example GE is doing a fantastic job in Saudi Arabia as is Tata Consulting.

Q:        The last time I was in Saudi Arabia I went to a bank. There were women working in the bank but they had to be on a different floor. Obviously for smaller companies it is quite hard to bring single digits of women in the workforce to start the whole thing rolling if you have to have different floors, totally different offices to put them in. I suspect people listening to this think: well women can’t get around freely, they don’t have the ability to drive at the moment. They get around with a chauffeur or with a guardian. How much does that limit this move to 40% of the workforce by 2030? Will that need to change to achieve that 40% you think?

A:         What needs to change is attitude towards childcare so I think the progressive employers will be the ones who win in the workplace they are those who can provide childcare on site and allow for flexible working for the women.

Q:        Which is one of the things you asked the women that you have surveyed, what needs to change. Childcare is one of the things they spoke about. They spoke about flexible working hours. They also spoke about mentoring?

A:         Mentors can be men or women but the role of mentors is absolutely critical. Someone you can turn to for advice and counsel and how to build a career.

Q:        Tell me about employment numbers. They don’t seem to bear reality to the total population. I wonder how many women are factored into these numbers. Do you know how this works?

A:         Jobless numbers are complicated for Saudi Arabia and there are very wide ranging thoughts for what employment is. One of the complications is how do you calculate the population of Saudi Arabia? There are probably three to four million ex-patriates. They haven’t done the best job they could yet to calculate these numbers. There is room for improvement there.

Q:        It is very well moving from 22% to 40% over the next 12 years or so but at the moment we just don’t understand how many people are actually sitting in Saudi Arabia who would like to have a job but don’t have a job?

A:         I can’t answer that but what I can say is that I am seeing more women coming into the workforce, when you look at companies like Tata or GE, Olayan or some of the banks. They are recruiting every year more and more women. And in fact the women are their secret weapon because it is the women who are actually going to improve the performance of men because these women really want to succeed and they are going to outshine and outperform their male competition. Saudi Arabia desperately needs to improve its performance and women are the way that this is going to happen.

Q:        Talk to me about women moving up the chain. Jobs are one thing but what about management?

A:         You need to have companies which are progressive about assessing talent which gives them a chance. Women also have to fight. They have to be very clear what it is they want to achieve and push and push and push. They will get there. There are plenty of examples, they have role models now which they didn’t have 10 years ago, so they can do it!

More women in middle management will come by more women studying STEM subjects, Science, Technology, Engineering and Mathematics.

Q:        Are women factored into the Nitaqat system?

A:         Disabled people are factored into this and given more credits if you want. Women to my acknowledgement are not yet.

Q:        Women are a vital asset to Saudi Arabia. What is being done to change things?

A:         Social media is changing everything, attitudes are changing. There are no barriers for them to be successful anymore. The Mutawa is an irrelevance. The only limitations are women themselves. They can make it happen. What we need to be doing is to celebrate each other’s successes and pushing for themselves in the organisation in which they work. That is what starts to make the difference and I think ultimately what really makes a difference is their performance. They will outperform the men. The ones that I am seeing right now are outperforming the men hands down. That’s what will make the difference and make the change.

Page 1 of 4

Read more

To read more of Metin Mitchell’s insights on leadership, leave your email here:


Elsewhere online

Popular Posts

Recent Posts