The needle hasn’t budged on the number of women in cybersecurity
Lower pay, bias and lack of high-level jobs make industry’s glass ceiling impenetrable to many
By Rodika Tollefson, ThirdCertainty
Women aren’t making much of a dent as participants and contributors to the booming cybersecurity industry.
That’s one of the main conclusions of The Center for Cyber Safety and Education’s eighth Global Information Security Workforce Study, conducted by Frost and Sullivan.
The report found that despite more women in the industry, their ratio remained stagnant from two years ago. Astoundingly, the 2015 version of the same report reached the same conclusion.
But where the numbers get more interesting is in the presence of women in leadership roles and the discrimination they encounter. On both counts, the disparity with their male counterparts is vast.
Related story: How to grapple with the growing gender gap in cybersecurity
Men are four times more likely to be in C-level positions, four times more likely to be in executive management, and nine times more likely to be managers, Frost and Sullivan found. And the more women climb the ladder, the more likely they are to encounter discrimination, compared to their male peers.
The study, which included 14,000 respondents globally, found that:
- Women represent 11 percent of the work force in information security globally
- In North America, that number is 14 percent (vs. about 50 percent of women in the total work force)
- The larger number of women in the industry in North America does not translate to a larger number of female executives or managers — 1 percent of women are C-level executives vs. 5 percent who are men; 1 percent are executive managers vs. 4 percent men; and 2 percent are middle managers, vs. 16 percent of men in North America and 21 percent globally
- The wage gap has widened for nonmanagerial positions, but closed for upper-level executives
More discrimination on higher rungs
At all levels, a significantly larger number of women feel workplace discrimination based on ethnicity, gender or cultural group. However, the difference between the genders grows disproportionately higher as they move up the ladder. For example: 35 percent of entry-level women feel discriminated against vs. 11 percent of men who do, and 65 percent of women in executive management vs. 14 percent of men.
Lynn Terwoerds calls the salary gap, discrimination and executive underrepresentation a “dangerous trifecta.” Terwoerds worked in security response at Microsoft for 10 years and was the information security risk director at Oracle. She now is the executive director for the Executive Women’s Forum, an organization for women leaders in IT that co-sponsored the study.
“We have three broken legs in the stool—underpaid, underrepresented in management, especially senior management,” she says. “When you add to that the percentage of women who have experienced one or more forms of discrimination in the workplace, the 11 percent (participation rate) suddenly is not at all surprising.”
Women more educated
The study also found that regardless of their level, women in North America have higher education levels than men. For example:
- At C-level, 17 percent of women and 7 percent of men have doctorate degrees
- At entry level, 48 percent of women have master’s degrees vs. 34 percent of men
Executive Women’s Forum founder Joyce Brocaglia says she hears from women that education is a way for them to level the playing field. Brocaglia is the CEO of Alta Associates (another report co-sponsor), a top executive-search firm specializing in cybersecurity.
“Because their competence is frequently challenged in the workplace, at least they can credentialize themselves with this education,” she says.
The glass ceiling is a fixture in many male-dominated fields, but seems especially tougher to break in cybersecurity. Discrimination likely plays a major role, says Jason Reed, a Frost & Sullivan consulting analyst who was the lead statistician on the study.
He notes that not only do women encounter more discrimination as they move to the top, but half of the respondents who reported discrimination said they have experienced “denial or delay in their career advancement for reasons they can’t explain outside of gender-based discrimination.”
“I think that goes a long way to explain why you see fewer women in the C-suite and management positions compared to the overall representation in the work force,” he says.
Choosing between career, family
May Wang, co-founder of ZingBox, an IoT security startup, thinks that women’s struggle between a career and raising a family also plays a role.
Wang, who has a doctorate in electrical engineering from Stanford, worked for Cisco’s CTO office for 14 years as principal architect (her algorithms became part of many Cisco products). She interviewed 10 female Silicon Valley executives for a book and concluded that many face the same challenges that she does as a mother.
“I’m struggling every day—do I spend more time on my startup, which I’m very passionate about, or do I spend time with my kids? Many women … eventually decide to quit because between career and kids, they value kids the most,” she says.
As the cybersecurity industry faces a projected 1.8 million gap in talent by 2022, Reed says that organizations will need to figure out how to attract as well as retain women.
“We can’t say for certain that there’s no other way to fill the gap that is growing,” he says. “However, it’s pretty negligent and it’s ignoring an enormous opportunity if you continue to marginalize, discourage or otherwise not hire 50 percent of the work force.”
More stories related to women in cybersecurity:
School empowers women in Afghanistan by teaching them how to code
Help wanted: More women in cybersecurity jobs
Unfilled jobs are the biggest threat to cybersecurity