Just 4% of cybersecurity teams have a majority of women on them, with 11% completely lacking any female representation at all, according to new research by ISC2.
The overall global average suggests that 23% of teams are comprised of women.
The research by ISC2 on the state of diversity in cybersecurity was gathered from the 2400 women that took part in its ISC2 Cybersecurity Workforce Study, just 17% of the total 14,865 people who took part globally.
Of the 11% of participants who said there were no women within their security teams, half worked in the US.
In terms of job titles, more than half (57%) of women participants hold formal security titles like Security Consultant, Security Analyst and Security Engineer, while 43% hold informal titles (e.g., IT Manager, IT Director, VP IT). Men who participated in the study hold formal security job titles at a higher rate, at 63%.
Cybersecurity’s Ethnicity Problem
The ISC2 research also explored the average cybersecurity salary in the US by gender and ethnicity.
The average global salary of women participants in ISC2's 2023 study was $109,609 compared to $115,003 for the men who participated, a difference of $5,400.
These pay disparities grow for US participants of color and the average salary of men of color respondents was $143,610, while the average for women of color respondents was $135,630 – a difference of nearly $8,000.
In addition, 29% of women felt that they were discriminated against in the workplace, compared to 19% of men.
Overall, women of Black or African descent in Canada, the UK and Ireland reported the highest levels of discrimination, with 53% feeling discriminated against, while white and Black/African American (US) men reported the lowest levels (14% each).
Women’s Role in Filling the Cybersecurity Workforce Gap
The profession needs to grow by almost 75% to close the current cybersecurity workforce gap, according to ISC2, which stands at 4 million people.
The number of women working in cybersecurity has remained consistent year-to-year, ISC2 has found. It is estimated that the industry is made up of between 20-25% women.
ISC2 expects this percentage to rise as more young people enter the profession.
The data showed a higher representation of women within the respondent pool, starting with the age range 39–44 (16%), and the percentage increased as the age decreases (26% in the under 30 age category).
“It’s great to see incremental progress of younger women entering cybersecurity, however, it’s not enough and more needs to be done. We must continue to build a culture for all women that creates a sense of belonging that results in the retention of women in cybersecurity careers,” said ISC2 CEO Clar Rosso.
“Research reveals that the most engaged women in cybersecurity work at organizations that invest time and resources into diversity, equity and inclusion (DEI) initiatives such as offering competitive pay, hosting mentorship programs and establishing an inclusive culture that fosters professional development opportunities.”
Overall, 69% of women respondents said DEI will continue to become more important for their security teams over the next five years compared to 55% of men.
Other Stats from the ISC2 Research
- Cloud Services, Automotive, and Construction are the industries with the highest percentage (28%) of women on security teams, while Military and Utilities had the lowest (20%)
- 66% of women say diversity has contributed to their security team’s success and 78% of women believe an inclusive environment is essential for the team’s success.
- Women reported lower cybersecurity staffing shortages at their organizations than male participants (62% vs. 68%), with their organizations sourcing talent from other departments, implementing job rotations and hiring those without cyber experience at higher rates.
- Women reported higher rates of pursuing cybersecurity in school (14%) compared with men (10%).
- Women want to work in a constantly evolving field (21%) and one where they can help people and society (16%) at higher rates than men (18% and 14%, respectively).