Recruiting Women Key to Closing Cybersecurity Skills Gap

A failure to include women in cybersecurity recruitment campaigns, the continued focus on technical skills and a gender pay gap is exacerbating the cybersecurity skills shortage.

“It’s disappointing to see that the number of women in the cybersecurity workforce continues to remain low,” said David Shearer, CEO, the Center for Cyber Safety and Education and (ISC)². “We must encourage young women; help them to see that information security is a challenging, lucrative and exciting career field. We must also promote women into leadership positions, and pay them at levels that are equal to their male counterparts. There is a large shortage of skilled cyber professionals, and women are a valuable resource that can help to bridge that gap.”

“For 15 years the Executive Women’s Forum on Information Security, Risk Management & Privacy has been committed to addressing the very issues highlighted in this report by delivering programs which retain and advance women through education, leadership development and the creation of trusted relationships.” said Lynn Terwoerds, executive director of the Executive Women’s Forum on Information Security, Risk Management & Privacy. “I am so proud to be a co-author of the Women in Cybersecurity report and hope that the results will promote both conversations and actions to advance and retain women in cybersecurity.”

Key takeaways from the Women in Cybersecurity report from the Center for Cyber Safety and Education include:

  • Women comprise only 11 percent of the global information security workforce.
  • Women have higher levels of education than men, with 51 percent holding a master’s degree or higher, compared to 45 percent of men.
  • Fewer women hold positions of authority (director level or above) compared to men.
  • Women working in cybersecurity have a more varied educational background than men contributing to the diverse set of skills they can potentially bring to the industry.
  • On average, women in the information security industry earn a lower annual salary than their male counterparts.
  • Fifty-one percent of women in the cybersecurity industry in North America and Latin America have experienced some form of discrimination, compared to only 15 percent of men.
  • Women who have higher levels of access to sponsorship and leadership programs report feeling valued in their role and are more likely to be successful.

The Center for Cyber Safety and Education and the Executive Women’s Forum on Information Security, Risk Management & Privacy joined forces with several industry leaders to raise awareness of the need for women in cybersecurity. Additional sponsors of the report include:

  • PricewaterhouseCoopers LLC
  • IBM
  • Alta Associates
  • (ISC)²
  • Veracode.

Booz Allen Hamilton sponsored the Global Information Security Workforce Study (GISWS), which provided the data for the report.

“With increasingly sophisticated threats and the demand for security talent soaring, the cybersecurity field is one that absolutely cannot afford to neglect the population of women and the many talents they offer,” said Shamla Naidoo, global chief information security officer, IBM. “The security industry needs the best and brightest to remain ahead in the fight against cybercrime, and creating a workforce with diversity of thought, gender and backgrounds is essential to this goal.”

“As the leading executive search firm specializing in cybersecurity, Alta Associates understands that building world class teams and solving complex cybersecurity challenges requires diversity of thought. That’s why we are proud to report that in 2016 Alta filled nearly 30 percent of its cybersecurity searches with qualified women executives.” said Joyce Brocaglia, CEO of Alta Associates and founder of the Executive Women’s Forum on Information Security Risk Management & Privacy. “I am proud to co-author this important report in hopes that it both educates and inspires action to improve the representation and advancement of women in cybersecurity.”

“The Women in Cybersecurity report found that 52 percent of millennial women have a computer science degree, yet the number of women in the cybersecurity workforce has remained stagnant for the last two years,” said Sam King, chief strategy officer, Veracode. “We are already facing a significant skills gap in cybersecurity with positions going unfilled. If we continue on this track, we will be unable to secure the digital economy. We need to examine why it is that the next generation of workers is not pursuing careers in cybersecurity, but especially women. In addition to focusing on cybersecurity education at the university level, creating programs aimed at high school and middle school students will help to create enthusiasm for this industry.”

“Mature cybersecurity teams require a mix of skills and diversity of thought – you must foster teamwork that’s inclusive and integrates multi-disciplinary and diverse perspectives” said Angela Messer, a Booz Allen executive vice president, and leader of the firm’s Cyber innovation business and cyber talent development champion. “An overreliance on any one background or perspective leaves an organization vulnerable to adversaries and threats that rapidly change – only diverse, multidisciplinary teams can rapidly respond and problem solve on the next challenge. It’s also a security imperative that our industry broaden access to talent by becoming better at attracting, retaining and empowering female cyber warriors.”

SIA's Take: It is imperative for the cybersecurity industry to support and facilitate the recruiting, retaining and promoting of women. While there is significant demand for high-skilled workers, there is also a critical pipeline issue of women joining the cybersecurity workforce. Cybersecurity leaders need to commit to reversing this trend – from our universities to board rooms.

To download the report, CLICK HERE