Only 17% of respondents to the ISC2 Cybersecurity Workforce Study were women, showing an ongoing struggle for workplaces to recruit and retain women in this industry. This year’s report also shows positive trends, with younger women finding paths to cybersecurity careers. ISC2 provided a detailed look at the state of women in the workforce, as well as tips on how to attract and retain diverse talent.
ISC2 surveyed 14,865 cyber security practitioners in North America, Europe, Asia, Latin America, the Middle East and Africa between April and May 2023. Forrester Research, Inc. collaborated with ISC2 to collect the data.
On average, women make up about a quarter of the cybersecurity field
ISC2 estimated that 20% to 25% of people working in the cybersecurity field are women, with that number expected to rise to 35% by 2031.
When it comes to team composition (Figure A), an average of 23% of security teams include women. Women in particular reported more women in their teams: 30% of women said there were other women in their teams, compared to 22% of men. ISC2 said this suggests that women tend to work at organizations with other women in the team.
Figure A
Cloud services, automotive and construction sectors reported the highest percentage of women on their teams (28%), but that number is not much higher than the sectors with the least percentage of women on their teams, which are the military and utilities sectors. 20%.
Cybersecurity Salaries Show Gender Gaps
Cybersecurity salaries are slightly higher for men than for women (Figure B), an average of $148,035 for men and $141,066 for women in the US, or $115,003 for men and $109,609 for women worldwide. For people of color, the average cybersecurity salary in the US is $143,610 for men and $135,630 for women.
Figure B
Women in cybersecurity may face discrimination or struggle with authenticity
Of those surveyed, 29% of women reported being discriminated against at work, compared to 19% of men. Additionally, 36% of women said they felt unable to be authentic at work, compared to 29% of men.
These numbers can vary greatly based on country: women of black or African descent in Canada, the UK and Ireland faced the most discrimination overall (53%), followed by men of black and African descent in the same countries (42%).
People who face discrimination at work find it “harder to take risks, propose new ideas or raise concerns,” noted McKinsey’s 2023 Women in the Workplace report.
Why women are getting into cybersecurity and what it means for recruiting
Women and men report getting into cybersecurity for roughly the same reasons. The top reasons people pursue a cybersecurity career reported by ISC2 were career advancement opportunities (26% of women and 27% of men), the ability to solve problems (24% of women and 22% of men) and a high demand for cyber security skills (24% of women and 25% of men). Some additional differences between the two groups surveyed are:
- Interest in working in a constantly evolving field: 21% of women and 18% of men.
- Find personal/emotional satisfaction: 14% of women and 17% of men.
- Exposure to cybersecurity role models who encouraged them: 14% of women and 11% of men.
- Having done cybersecurity on their own and enjoyed it: 10% of women and 15% of men.
Both groups report high job satisfaction when considering occupations in general: 76% of women and 70% of men surveyed said they were satisfied with their cybersecurity jobs.
SEE: These strategies, methods and technologies can help you build an effective cyber threat hunting team. (TechRepublic Premium)
Women report fewer cybersecurity staffing shortages at work compared to men (62% vs. 68%), from which ISC2 concluded that organizations that successfully attract diverse candidates solve their staffing problems slightly more effectively. Organizations where female respondents work tend to:
- Recruit potential talent from within, meaning employees outside of cyber or IT.
- Perform job rotation, which means moving employees between roles.
- Hire people without prior cybersecurity experience.
Fostering an inclusive culture benefits businesses
Recruiting more women and ensuring that every member of the team feels comfortable in their work environment can go a long way in filling open positions in the field of cybersecurity that are in demand but still understaffed. ISC2 offers the following suggestions for organizations looking to increase the number of women in cybersecurity and increase job satisfaction for those women already in the field:
- Create cyber security programs suitable for early education, exposing younger people to cyber security as a career option.
- Establish specific hiring, recruiting, and promotion metrics in your cybersecurity recruiting policies and practices related to adding and retaining women in the workforce.
- Pay women equal to men.
- Support women’s career advancement goals, especially those who want to reach senior positions – seeing women in senior positions can inspire others to follow.
- Focus on the “inclusion” part of diversity, equity and inclusion, create solid metrics and goals to make sure female employees feel included and authentic at work.
- Make the women who are already present in the cybersecurity team part of the recruitment process.
“The benefits of an inclusive culture, especially in cybersecurity, are plentiful — and critical,” ISC2 CEO Clar Rosso told TechRepublic in an email. “Organizations committed to inclusion bring problem solvers, analytical and critical thinkers, and diverse skills and backgrounds to the table to solve challenges and build opportunities.”
================
BSB UNIVERSITY – AI – IT SOLUTIONS
AISKILLSOURCE.COM
