Women comprise just 11 percent of the global information security (InfoSec) workforce even though they have higher levels of education than men, with 51 percent holding a master’s degree or higher, compared to 45 percent of men according to the Women in Cybersecurity report released by the Center for Cyber Safety and Education.
The study found that fewer women hold positions of authority (director level or above) within organisations compared to men even though those employed in the cybersecurity field have a more varied educational background than men contributing to the diverse set of skills they can potentially bring to the industry.
Moving on to remuneration, an area which is set to irk those working to level the field even further, the report states that “on average, women in the information security industry earn a lower annual salary than their male counterparts” while 51 percent of women in the cybersecurity industry in North America and Latin America have experienced some form of discrimination, compared to only 15 percent of men.
The report is part of a partnership between Center for Cyber Safety and Education and the Executive Women’s Forum on Information Security, Risk Management & Privacy which joined forces with several industry leaders to raise awareness of the need for women in cybersecurity. Additional sponsors of the report include: PwC, IBM, Alta Associates, (ISC)² and Veracode. Booz Allen Hamilton sponsored the Global Information Security Workforce Study (GISWS), which provided the data for the report.
The largest study of the information security profession ever conducted, the 2017 GISWS took place June-September 2016 through a web-based survey. Over 19,000 information security professionals from 170 nations responded. Since its first release in 2004, the study gauges the opinions of information security professionals, and provides detailed insight into important trends and opportunities within the profession. It aims to provide a clear understanding of pay scales, skills gaps, training requirements, corporate hiring practices, security budgets, career progression and corporate attitudes toward information security that is of use to companies, hiring managers and industry professionals.
“It’s disappointing to see that the number of women in the cybersecurity workforce continues to remain low,” said David Shearer, CEO, the Center for Cyber Safety and Education and (ISC)². “We must encourage young women; help them to see that information security is a challenging, lucrative and exciting career field. We must also promote women into leadership positions, and pay them at levels that are equal to their male counterparts. There is a large shortage of skilled cyber professionals, and women are a valuable resource that can help to bridge that gap.”
“For 15 years the Executive Women’s Forum on Information Security, Risk Management & Privacy has been committed to addressing the very issues highlighted in this report by delivering programs which retain and advance women through education, leadership development and the creation of trusted relationships.” said Lynn Terwoerds, executive director of the Executive Women’s Forum on Information Security, Risk Management & Privacy. “I am so proud to be a co-author of the Women in Cybersecurity report and hope that the results will promote both conversations and actions to advance and retain women in cybersecurity.”
The 2017 Women in Cybersecurity report, which can be downloaded here, is the second release of data from the 2017 Global Information Security Workforce Study. The first data set, released in February 2017, was the Millennials – the Next Generation of Information Security Workers.
The Center for Cyber Safety and Education (Center), formerly (ISC)² Foundation, is a nonprofit charitable trust committed to making the cyber world a safer place for everyone.
Founded in 2002, the Executive Women’s Forum on Information Security, Risk Management & Privacy (EWF) is the largest member organization dedicated to engaging, advancing and developing women leaders in Cybersecurity, IT Risk Management, Governance Risk & Compliance and Privacy.
(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)2 offers a portfolio of credentials that are part of a holistic, programmatic approach to security.