Biennial Women in Cybersecurity Report Reveals that Female Representation in Industry Remains Stagnant

Industry Leaders Join Forces to Call for Greater Diversity to Close the Cybersecurity Workforce Gap, Expected to Reach 1.8 Million by 2022

According to new research from the Center for Cyber Safety and Education™ (the Center) and the Executive Women’s Forum on Information Security, Risk Management & Privacy (EWF), conducted by Frost & Sullivan, women comprise only 11 percent of the information security workforce – a number that has remained steady since 2013. The study also found that women in cybersecurity have higher levels of education than men, but fewer hold senior-level positions, and they earn less money. The Women in Cybersecurity report is part of the Center’s eighth Global Information Security Workforce Study (GISWS) – sponsored by Booz Allen Hamilton – and is based on data that was collected in the survey.

“It’s disappointing to see that the number of women in the cybersecurity workforce continues to remain low,” said David Shearer, CEO, the Center for Cyber Safety and Education and (ISC)²®. “We must encourage young women; help them to see that information security is a challenging, lucrative and exciting career field. We must also promote women into leadership positions, and pay them at levels that are equal to their male counterparts. There is a large shortage of skilled cyber professionals, and women are a valuable resource that can help to bridge that gap.”

“For 15 years the Executive Women’s Forum on Information Security, Risk Management & Privacy has been committed to addressing the very issues highlighted in this report by delivering programs which retain and advance women through education, leadership development and the creation of trusted relationships.” said Lynn Terwoerds, executive director of the Executive Women’s Forum on Information Security, Risk Management & Privacy. “I am so proud to be a co-author of the Women in Cybersecurity report and hope that the results will promote both conversations and actions to advance and retain women in cybersecurity.”

Key takeaways from the Women in Cybersecurity report include:

Women comprise only 11 percent of the global information security workforce.
Women have higher levels of education than men, with 51 percent holding a master’s degree or higher, compared to 45 percent of men.
Fewer women hold positions of authority (director level or above) compared to men.
Women working in cybersecurity have a more varied educational background than men contributing to the diverse set of skills they can potentially bring to the industry.
On average, women in the information security industry earn a lower annual salary than their male counterparts.
Fifty-one percent of women in the cybersecurity industry in North America and Latin America have experienced some form of discrimination, compared to only 15 percent of men.
Women who have higher levels of access to sponsorship and leadership programs report feeling valued in their role and are more likely to be successful.
The Center for Cyber Safety and Education and the Executive Women’s Forum on Information Security, Risk Management & Privacy have joined forces with several industry leaders to raise awareness of the need for women in cybersecurity. Additional sponsors of the report include: PricewaterhouseCoopers LLC, IBM, Alta Associates, (ISC)² and Veracode. Booz Allen Hamilton sponsored the Global Information Security Workforce Study (GISWS), which provided the data for the report.

“I believe it is imperative for the cybersecurity industry to support and facilitate the recruiting, retaining and promoting of women. Proactively developing this career path will combat gender inequality and prevent further decline in the overall security labor pool,” said Sloane Menkes, PwC principal and global crisis center coordinator. “While there is significant demand for high-skilled workers, there is also a critical pipeline issue of women joining our cybersecurity workforce. Cybersecurity leaders need to commit to reversing this trend – from our universities to our board rooms – before the issue is irreversible.”

“With increasingly sophisticated threats and the demand for security talent soaring, the cybersecurity field is one that absolutely cannot afford to neglect the population of women and the many talents they offer,” said Shamla Naidoo, global chief information security officer, IBM. “The security industry needs the best and brightest to remain ahead in the fight against cybercrime, and creating a workforce with diversity of thought, gender and backgrounds is essential to this goal.”

“As the leading executive search firm specializing in cybersecurity, Alta Associates understands that building world class teams and solving complex cybersecurity challenges requires diversity of thought. That’s why we are proud to report that in 2016 Alta filled nearly 30 percent of its cybersecurity searches with qualified women executives.” said Joyce Brocaglia, CEO of Alta Associates and founder of the Executive Women’s Forum on Information Security Risk Management & Privacy. “I am proud to co-author this important report in hopes that it both educates and inspires action to improve the representation and advancement of women in cybersecurity.”

“The Women in Cybersecurity report found that 52 percent of millennial women have a computer science degree, yet the number of women in the cybersecurity workforce has remained stagnant for the last two years,” said Sam King, chief strategy officer, Veracode. “We are already facing a significant skills gap in cybersecurity with positions going unfilled. If we continue on this track, we will be unable to secure the digital economy. We need to examine why it is that the next generation of workers is not pursuing careers in cybersecurity, but especially women. In addition to focusing on cybersecurity education at the university level, creating programs aimed at high school and middle school students will help to create enthusiasm for this industry.”

“Mature cyber security teams require a mix of skills and diversity of thought – you must foster teamwork that’s inclusive and integrates multi-disciplinary and diverse perspectives” said Angela Messer, a Booz Allen executive vice president, and leader of the firm’s Cyber innovation business and cyber talent development champion. “An overreliance on any one background or perspective leaves an organization vulnerable to adversaries and threats that rapidly change – only diverse, multidisciplinary teams can rapidly respond and problem solve on the next challenge. It’s also a security imperative that our industry broaden access to talent by becoming better at attracting, retaining and empowering female cyber warriors.”

The largest study of the information security profession ever conducted, the 2017 GISWS took place June-September 2016 through a web-based survey. Over 19,000 information security professionals from 170 nations responded. Since its first release in 2004, the study gauges the opinions of information security professionals, and provides detailed insight into important trends and opportunities within the profession. It aims to provide a clear understanding of pay scales, skills gaps, training requirements, corporate hiring practices, security budgets, career progression and corporate attitudes toward information security that is of use to companies, hiring managers and industry professionals.


. . . . . . . .

Leave a Reply