The InfoSec Institute finds that, at a time when many cybersecurity positions are likely to remain open, interest in the sector is low among women. The report suggests that issues of perception and discrimination are at play.
The cybersecurity sector, which is destined to see significant growth in the coming years, is facing a well-known skills gap, with the employment demand likely to outpace the supply for years to come.
But the industry is also facing another kind of gap—a gender gap. And given the other gap, that compounds the problem.
According to a new report from the InfoSec Institute, women make up just 11 percent of the cybersecurity workforce, a rate that is far below the 47 percent share of the workforce women comprise overall—and a level that has stayed stagnant in recent years. In comments to Channelnomics, InfoSec Institute Founder and CEO Jack Koziol said it was imperative to fix this problem.
“The industry needs more women and persons of color,” Koziol told the news outlet [registration]. “Diversity is proven to increase business productivity and profitability. But it also needs more candidates generally. The industry’s current 300,000-plus vacant positions puts everyone at risk. Our data is everywhere and we need qualified professionals to protect it.”
The report (which pulls together data from a variety of sources) emphasizes that perception issues linger, which may make the field less attractive to women. Despite countless studies finding that women are equally capable at STEM work as men, the “hacker” and “nerd” rep tied to cybersecurity work contributes to an overall lack of interest in the field. The report suggests that many women decide not to pursue a career in cybersecurity while still in high school.
But those aren’t the only factors at play. Traditional gender gap issues, such as widespread discrimination (affecting 51 percent of women in the industry, per one study), linger. Also having a role is the difference in pay. According to statistics from PayScale.com cited by the institute, women, on average, get paid around 8 percent less for cybersecurity roles, even with the necessary certifications.
Despite the somewhat dour nature of the report, InfoSec Institute does see a plus side to the situation.
“While the gender discrimination issues in cybersecurity remain widespread, the industry still holds significant potential for women candidates,” the report states. “Women in cybersecurity have the potential to earn far higher salaries than in other roles — doubling, or sometimes tripling the national average for women in other industries.”