Closing the Gender Gap in Cybersecurity

 

As the digital economy grows, the cyber-attack surface grows with it – a perfect storm of conditions that have given rise to the world’s biggest criminal growth industry. Damage from cybercrime is forecast to reach $10.5 trillion annually by 2025 – a 300% increase from 2015 levels. The need to keep pace with this dynamic threat has triggered a surge in demand for cyber professionals, swelling the global cybersecurity workforce to a whopping 4.7 million people in 2022.

However, demographics in this sophisticated industry are still outdated, with one section of society worryingly underrepresented within this vast workforce: women. Such is the extent of this gender disparity that women only make up a quarter of the cybersecurity workforce.

 

Challenges for women in cybersecurity

Women face common challenges in the cybersecurity sector that either prevent them from entering or force them to leave – including:

 

Recruitment hurdles

Too often recruiters seek candidates who mirror current employees in terms of experience, education, and technical expertise. This reluctance to select candidates that require training, amid an urgent requirement for cybersecurity skills, often excludes women – particularly young women who are new to the field.

 

Lack of industry role models

Without enough women in the industry to look up to the perception that cybersecurity roles are gender-specific is perpetuated. Just 25% of women in tech companies expressed confidence in being promoted to executive positions, with many noting a lack of support and mentorship.

A report by Crest – a global community of cyber security businesses and professionals – entitled “Exploring the Gender Gap in Cybersecurity” identifies two key areas for improvement in the workplace: increasing female visibility and improving female mentoring to help women enter and advance within the industry.

 

Gender bias

A worrying number of women working in cybersecurity have experienced conscious and unconscious workplace discrimination. According to one study, 51% of female respondents identified some form of discrimination and 87% felt the bias was unconscious. This confirms how entrenched the bias towards male employees and candidates is in the industry – whether employers realise it or not.

 

Gender pay gap

Women earn less than three-quarters (72%) of their male counterparts in the cybersecurity industry globally. This gender pay gap starts early: women with one to three years of experience in the industry earn around $19,950 less than men with the same amount of experience.

 

How to encourage more women to enter the Cybersecurity industry

Apprenticeships

Apprenticeships are a proven tool for developing a diversity of talent within an industry. These on-the-job training programs have the potential to empower more women to gain practical experience and develop the necessary skills for a career in cybersecurity – two common hurdles they face when embarking on a career in the industry.

 

Engage them from a young age

Traditionally girls haven’t been engaged in technology from a young age amid lazy gender stereotypes about computers. To break this cycle GCHQ has set up the CyberFirst Girls Competition, which aims to support girls interested in a career in cybersecurity.

 

Equal pay

Employers must bridge the gender pay gap by establishing standards for how pay is determined based on education, relevant experience, responsibilities, and job performance. They should also audit employee pay structures and identify gaps linked to gender across roles and job levels.

 

Mentorship networks

The value of role models is often underestimated. Having a visible representation of what can be achieved by our peers in underrepresented industries encourages people to push boundaries, upskill, and be more ambitious. A strong mentorship network is essential to attract and retain women in an industry that has traditionally been unwelcoming – and to help them break through the glass ceiling into senior roles.

 

What does the future hold?

The tide appears to be turning: the number of women working in cybersecurity is expected to reach 30% by 2025 and 35% by 2031 – which represents a vast improvement from 2013 when they held just 10% of jobs. And with research showing that 3.4 million more skilled cybersecurity professionals are currently needed globally, opportunities will abound for women – provided the industry makes a concerted effort to attract them, train them, and retain them.