The disparity in cybersecurity between genders isn’t a recent problem. The shortage of women in the cybersecurity and IT sector has been in the news for many years, even decades. Although there has been some progress, there is still a substantial amount of work to be done, particularly concerning wages.
The ISC2 Cybersecurity Workforce Survey, released recently, addressed various cybersecurity challenges faced by women within the industry. Shockingly, only 17% of the 14,865 individuals who responded to the survey were women.
Wage difference between genders
One of the most alarming discrepancies highlighted by the survey is an enduring wage disparity. As per the survey, male cybersecurity professionals in the US receive higher average pay compared to females in similar positions. The results indicate an average salary of $148,035 for men and $141,066 for women. This pay gap is also evident at a global level, with the average salary for women worldwide standing at $109,609, and for men at $115,003.
Furthermore, the study by ISC2 identified a gender pay gap among individuals of color in the US. It was noted that on average, men of color earned $143,610, while women of color earned $135,630. However, there was no data available to compare global salaries for people of color.
Underrepresentation of women in cybersecurity
The study also brought to light the gap between the number of men and women engaged in the cybersecurity domain. According to the findings, only 20% to 25% of individuals working in cybersecurity are women. The data also revealed that the percentage of women below 30 years old in the cybersecurity field was 26%, in contrast to 16% among women aged 39 to 44, indicating a positive trend of younger women choosing cybersecurity as a profession.
An interesting observation was that teams with female members appeared to have a higher proportion of women than men, suggesting that women tend to gravitate towards teams and companies where other women are involved in cybersecurity. Women were found to constitute a higher percentage (30%) of team members compared to men (22%).
However, a notable 11% of security teams had no female members at all, with only 4% reporting an equal distribution between male and female team members. Sectors with the highest number of all-male security teams included IT services (19%), financial services (13%), and government (11%). Mid-sized organizations with 100 to 999 employees were more likely to have all-male security teams.
Additionally, the report identified several areas of concern regarding women’s experiences within the cybersecurity field:
- 29% of female cybersecurity professionals reported experiencing discrimination at work, compared to 19% of men
- 36% of women felt they couldn’t be their authentic selves at work, with 29% of men expressing a similar sentiment
- 78% of women considered it crucial for their security team to succeed, in contrast to 68% of men
- 66% of women believed that diversity among team members contributed to the success of the security team, compared to 51% of men
Utilizing recruitment strategies to enhance female representation in security teams
The existing gaps in cybersecurity—both in terms of wages and gender—cannot be closed without a dedicated effort from industries and organizations. Many companies are witnessing positive outcomes by embracing specific DEI hiring initiatives such as competency-based recruitment and integrating DEI program objectives into job descriptions.
According to the ISC2 report, businesses that implement competency-based hiring practices have an average of 25.5% female employees, as opposed to 22.2% in businesses using other recruitment methods. By incorporating DEI objectives into job descriptions, companies can boost female representation in security teams, with figures showing 26.6% for those referencing such goals as opposed to 22.3% in companies that do not.
Insufficient perspectives hinder cybersecurity teams
Without women on cybersecurity teams, organizations lack the diverse spectrum of experiences and viewpoints necessary to mitigate security threats. By prioritizing increasing female representation in their teams, organizations can enhance their security measures and bridge the wage gap.
“In a broader context beyond cybersecurity, research indicates that the more diverse perspectives you have at the table, the better equipped you are to solve problems,” commented Clar Rosso, CEO of ISC2, in a statement to Dark Reading. “In the field of cybersecurity, which is characterized by a complex and evolving threat landscape, the more varied perspectives we incorporate in problem-solving, the more likely we are to enhance our cyber defense capabilities.”