Why women still make up only 24% of cybersecurity pros

More millennial women are entering the field, but wage gap issues remain, according to an (ISC)² report.

How women can enter cybersecurity from other fields to close the talent gap At RSA 2019, Emily Heath of United Airlines explained the gender and diversity gap in cybersecurity and offered advice for women and companies in how to close it.

Despite some progress, women still only make up 24% of the cybersecurity workforce, according to the 2019 Women in Cybersecurity report from (ISC)².

While this number represents an increase over years past, challenges including wage inequality remain a barrier to drawing more women into the field and filling talent gaps, the report found.

Previous research found that women made up only 11% of the world's information security workforce, and just 1% of its leadership. However, the (ISC)² widened its survey pool by taking a more holistic look at who is doing the work of cybersecurity, and included both certified cybersecurity professionals as well as IT/ICT professionals who spend at least 25% of their time on cybersecurity tasks.

SEE: How to build a successful career in cybersecurity (free PDF) (TechRepublic)

However, this is likely to change in the coming years, as the newest generation of cybersecurity professionals is far more female, according to the report: 45% of the women surveyed were millennials, compared to 33% of men—far higher numbers than expected from this generation in recent years. The report surveyed 1,452 cybersecurity professionals total.

Women also bring higher levels of education to the cybersecurity field, the report found: 52% of women surveyed hold a post-graduate degree, compared to 44% of men.

While still smaller in number, more women in cybersecurity are advancing to leadership positions than men, the report found. Of those surveyed, 7% of women were CTOs, versus 2% of men; 9% of women were vice presidents of IT, compared to 5% of men; 18% of women were IT directors, versus 14% of men; and 28% of women were C-level executives, compared to 19% of men.

"The data confirms what we've been seeing for the past few years on the ground. More women are coming into the field of cybersecurity with post-graduate degrees and not only working in the trenches but also in the C-suite," (ISC)² CEO David Shearer said in a press release. "Women in high-level positions will foster more inclusion and inspire young women to join the industry, and there are certainly many exciting opportunities available for those seeking to inspire a safe and secure cyber world. Diversity only makes us stronger."

Challenges remain

Despite more women entering and succeeding in the cybersecurity field, pay inequalities persist, the report found. While 29% of men in the field report annual salaries between $50,000-$90,000, only 17% of women do the same. Some 20% of men in cyber earn between $100,000-$499,999, compared to 15% of women.

Both male and female cybersecurity professionals share many of the same concerns about their roles, including lack of commitment from upper management, the reputation of their organization, the risk of seeing their job outsourced, a lack of work-life balance, the threat of artificial intelligence (AI) reducing the need for their role, and a lack of standardized cybersecurity terminology to effectively communicate within their organization.

"It's an encouraging sign that more women are succeeding in cybersecurity and moving up through the ranks," Jennifer Minella, vice president of engineering and security at Carolina Advanced Digital, Inc. and chairperson of the (ISC)² board of directors, said in the release. "For many years this hasn't been the case, and we need to continue to do all we can to make ours a welcoming profession for the most talented and innovative individuals, regardless of gender."

To learn more about how to become a cybersecurity professional, check out this TechRepublic cheat sheet.

Also see

istock-949581062.jpg
Image: iStockphoto/Gorodenkoff Productions OU

By Alison DeNisco Rayome

Alison DeNisco Rayome is a Senior Editor for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.