By the year 2023, female representation in the cybersecurity workforce stands at approximately 20% to 25%, as reported by training organization ISC2. Deloitte’s recent research delves into the factors contributing to this gender gap, despite the industry’s high demand for skilled professionals.
A considerable proportion of young women in the workforce interested in cybersecurity feel they lack adequate knowledge to pursue a career in this field. Additionally, a significant number of women, 55% to be precise, express a belief that the industry could be intimidating, with 47% expressing concerns about not being taken seriously.
The findings from the research, which were disclosed in the document titled “POV Reimagined: Women in Cybersecurity” in October, were derived from a survey of 8,000 non-cyber professionals worldwide conducted by Deloitte Global in collaboration with The Female Quotient, a media company. They also involved interviews with leading female security figures globally and group discussions with individuals within and outside the industry.
Emphasizing this point, Deloitte Global cyber leader, Emily Mossburg, remarked, “The cybersecurity sector is witnessing rapid expansion, yet it is grappling with a critical shortage of skilled workforce. It is high time to challenge the stereotypes and demonstrate to women that cybersecurity not only provides the job security and growth prospects they seek but also an opportunity to have a genuine impact on the world.”
Factors Deteriorating Women From Pursuing Security Roles: Knowledge, inclusivity, and pay apprehensions
According to ISC2, a staggering 90% of organizations are facing a shortage of cybersecurity skills. The global deficit is projected to exceed 85 million trained professionals by the year 2030. In the U.K., it is observed that 35% of companies struggle to permanently fill cyber roles, while a noteworthy 75% acknowledge the existence of a pressing skills gap.
Despite the prevailing opportunities, young women in the workforce still feel disheartened to venture into the industry, as per female survey respondents who attribute this hesitation to three primary constraints:
- An apparent requirement for cybersecurity expertise and a solid technical background.
- A pressing worry that the welcoming culture they yearn for does not exist within the industry.
- The demand for equitable, transparent remuneration.
The second aspect is reinforced by the fact that 51% of female respondents believe there is no space for people like them in cybersecurity, with a similar percentage feeling they wouldn’t blend in or have the freedom to express their true selves in that environment.
Research from 2023 reveals that an alarming 83% of female security professionals have encountered exclusion at least once in their careers, especially concerning aspects like career progression, respect, acknowledgment, accessibility, and workplace policies.
SEE: Scarce presence of women in cybersecurity leadership roles
Furthermore, the issue of compensation raises a valid concern. While cybersecurity salaries are slightly tipped in favor of men over women, with an average of $148,035 for men and $141,066 for women in the U.S., or $115,003 for men and $109,609 for women globally, according to ISC2. Nonetheless, ISC2 researchers suggest that the industry demonstrates more equitable pay distribution compared to the broader U.S. job market.
These three main concerns seem not to have an impact on men. While only 23% of working women have contemplated a career in cybersecurity, the percentage stands at 35% for men.
However, despite these discouraging factors, women acknowledge the advantages of joining the cybersecurity sector. The Deloitte survey uncovers that 48% of working women perceive considerable growth prospects in cybersecurity, while 44% believe the industry could pave the way for a flourishing career.
These sentiments are well-founded, with 57% of women currently employed in cybersecurity expressing job security, 53% citing learning opportunities on the job, and 52% feeling a strong sense of purpose in their roles.
Strategies to Address the Gender Discrepancy in Cybersecurity
The authors of the Deloitte report propose that to dispel the misconception that a cybersecurity career necessitates advanced technical proficiency, the industry must undergo a rebranding.
“To destigmatize cybersecurity as a niche and highly technical field, we need to reframe it as a crucial component of digital transformation, which is more diverse and prevalent,” they suggest. “This approach will help more women view cybersecurity as familiar and approachable, making it easier for them to envision themselves succeeding in this domain.”
Moreover, proactive measures can be implemented to allay concerns regarding inclusivity and pay transparency, a key focus identified by 30% of survey respondents. These measures include:
- Encouraging the recruitment of a more diverse workforce. For instance, avoiding an excessive emphasis on technical skills in job descriptions where they are less critical.
- Introducing a broader array of job opportunities. This could encompass internships and opportunities for individuals planning a career transition.
- Ensuring pay equity. Addressing and closing wage and advancement disparities, in addition to offering family-friendly benefits like flexible scheduling.
- Promoting more women into leadership roles. Mentorship programs present an excellent opportunity to elevate women in the cybersecurity industry and offer pathways for entry into the sector.
- Raising awareness about the actual landscape of the industry. This could involve highlighting technical and non-technical roles, work-life balance aspects, and the achievements of women in cybersecurity.
- Establishing learning opportunities and community-building initiatives. These initiatives could include discussion forums and networking gatherings.
Deputy CISO and Executive Director of Information Security Policy & Strategy at the U.S. Department of Veterans Affairs, Amber Pearson, remarked, “Enhancing the representation of women in cybersecurity can bolster the industry, making it more innovative, resilient, and capable of addressing the intricate challenges of today’s digital era.”
About Author
