Most cybersecurity roles are still filled by men and pay disparity is still an issue. However, women now account for 24% of the cybersecurity workforce and are more likely to be promoted to senior positions than men.
Buoyed by higher education and certifications, more women are entering the field of cybersecurity, not only working “in the trenches,” but also in the C-suite, according to David Shearer, CEO of the International Information System Security Certification Consortium, or (ISC)², a non-profit specialized in training and certifications for cybersecurity professionals.
45% of women surveyed by the consortium are millennials, compared to just 33% of men. 24% of the industry today is female, and the number is expected to climb even higher in the years to come. Although they still lag in numbers, women are more likely to rise to senior leadership positions, as follows:
- Chief Technology Officer – 7% of women vs. 2% of men
- Vice President of IT – 9% of women vs. 5% of men
- IT Director – 18% of women vs. 14% of men
- C-level/Executive – 28% of women vs. 19% of men
This may have to do with another finding in the study, namely that 52% of women hold a post-graduate degree, as compared with 44% of their male counterparts. Pay inequities, however, persist. Globally, 17% of women earn between $50,000 and $90,000, as compared to 29% of men, (ISC)² found. 15% of women earn between $100,000 and $499,999, while 20% of men earn at least that much. The disparities are neither colossal, nor negligible.
Disparities aside, both men and women filling cybersecurity roles share the same concerns, including work/life balance, outsourcing, lack of commitment from upper management and others. Another key problem highlighted by both camps was “lack of standardized cybersecurity terminology to effectively communicate within their organizations.”
The estimates are based on a new sample methodology that creates a more accurate and holistic representation of the cybersecurity and IT/ICT professionals responsible for securing their organizations' critical assets, the (ISC)² said.