Cybersecurity Is Becoming More Diverse … Except by Gender

  /     /     /  
Publicated : 23/11/2024   Category : security


Cybersecurity Is Becoming More Diverse … Except by Gender


While other professions are making up ground, cybersecurity still lags behind in female representation, thanks to a lack of respect and inclusion.



Right now, in 2024, at least three of every four cybersecurity professionals is male.
Cybersecurity is hardly the only male-dominated industry, but even in contrast to others — like
law (53%)
,
accounting (46%)
, and
doctors of medicine (37%)
— it lags behind.
According to new research from ISC2, women make up just
20% to 25% of the cybersecurity industry
. And that figure, it noted, has remained relatively consistent for some years.
It stands out even more when compared with the racial makeup of the industry. While the majority of cyber pros over the age of 40 in the US, the UK, Canada, and Ireland are white, the majority under 40 are not. ISC2 found that over the past 12 months, a full two-thirds of new entrants to the industry from those countries have been non-white.
The takeaway? Cybersecurity is fixing its diversity problem, but only halfway.
Just 4% of ISC2 survey respondents indicated that women make up a majority of their security teams. By contrast, 11% admitted they have no women on their teams at all.
There seems to be a mild networking effect at play, too. The average woman in security works with around 8% more women (30%) on average than men do (22%).
The problem is pretty much the same across industries, as the most-diverse sectors, like cloud services, automotive, and construction (all 28% female), dont far outpace the least-diverse (military and energy, each at 20%).
There are, however, some positive trends alongside the lagging ones.
Where only around 14% or 15% of cyber pros over age 40 are women, at least 25% under age 35 are (a relative improvement).
Most interestingly, the women who do make it into the cybersecurity field tend to rise up the corporate ladder at least as high as, if not higher than, their male counterparts. Women own executive titles at a similar clip to men. A greater percentage of them possess managerial-level roles, and a lesser percentage are ranked as individual contributors. And counterintuitive though it may sound, a greater percentage of women in security are involved in the hiring process than are men (33% to 24%).
That data, however, contrasts with other recent findings.
In its 2023 State of Inclusion Benchmark in Cybersecurity report, Women in Cybersecurity (WiCyS) tracked the ways in which women experience exclusion in the industry.
Respect ranked as the worst issue
on its list, but just behind respect was career and growth opportunities.
Women are experiencing a glass ceiling at around six years, reports Lynn Dohm, executive director at WiCyS. You could imagine
the journey for a woman in cybersecurity
as theyre advancing in their career, not necessarily getting the stretch assignments theyre anticipating, perhaps their managers arent taking initiative and identifying the trajectory of their career within the organization, theyre getting passed up for promotions and experiencing that lack of respect with microaggressions, tokenism, comments. All of that leads up to the point where an individual would likely choose to step out of the career and move into other areas.
Its a self-fulfilling cycle: Too little female representation is leading more women to steer clear of security. As Dohm puts it: Lack of diversity in the workforce is a symptom of the lack of inclusion.
Simply hiring more women doesnt solve the problem, either, since exclusion extends far deeper than any one person or organization can account for.
The gender gap in cybersecurity begins long before women reach the workforce, explains Jessy McDermott, partner solution architect at Aqua Security. I know firsthand as a former engineering student that this gap existed at the college level. For example, only four other women — out of an original 15, excluding myself — completed the engineering program alongside me at UMass Dartmouth. During those four years, I experienced an ongoing prejudice and doubt and saw how women were ultimately driven out of the field before they even graduated.
This is only exacerbated as time goes on and women begin to see that careers in information technology or cybersecurity are male-dominated. If you’re somehow able to
get through college
without being driven out of the field, youve just started the first leg of a never-ending journey. Ultimately, this can all lead to imposter syndrome, which myself and many female friends in the industry deal with. I have days where, even now, as a cybersecurity professional with years of experience under my belt, I still get challenged to show and, more importantly,
prove
my knowledge to others.
So, she adds, I love how more companies are going out of their way to hire more women into the field, but to see a difference,
women need internal support
to feel confident and be successful in their roles.
Besides the obvious consequences for people, there are also consequences for uniformity for companies.
When retention isnt there for female talent, it costs money, because its pulling back out recruiting dollars. And its also a reputational risk, Dohm notes.
Broader than cybersecurity, theres a body of research that says the more perspectives you bring to the table, the better off you will be at problem solving, says Clar Rosso, CEO of ISC2. In cybersecurity, which is a very complex, growing threat landscape, the more perspectives that we bring to the table to solve problems, the more likely we will be able to impact our cyber defense.
Dohm puts it tersely: Its a security risk not having the diverse perspective that women bring to the cybersecurity workforce.

Last News

▸ Children to solve corporate cybercrime at DEF CON. ◂
Discovered: 23/12/2024
Category: security

▸ Info Risk Maturity: Conscious but Not Prepared ◂
Discovered: 23/12/2024
Category: security

▸ Is P.F. Changs the newest target? ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Cybersecurity Is Becoming More Diverse … Except by Gender