Women continue to be underrepresented in cybersecurity roles, which can have serious consequences for those interested in pursuing careers in this field and the industry as a whole.
A recent State of Inclusion of Women in Cybersecurity report by Women in CyberSecurity (WiCyS) and diversity, equity, and inclusion (DEI) firm Aleria identified exclusive behaviors and cultures at cybersecurity organizations that prevent women from being recruited, retained and promoted.
For the report, a series of workshops were conducted with more than 300 women in cybersecurity. Workshop participants anonymously entered information about themselves and their work experiences.
The barriers identified by the report include:
Lack of respect: Disrespect was the top reason women felt excluded from their workplace. One participant recounted, “After introducing myself, I have had individuals ask to speak to a ‘guy who works in IT’ instead of me.”
Difficulty advancing in careers: Many participants in the study identified the glass ceiling as a barrier to career advancement. According to one participant, “I was told that there was not a need for someone of my career level on a large customer account. Three months later promoting a male was an ‘imperative’ to serving that account.”
Barriers to access and participation: Women in cybersecurity are frequently excluded from activities that are essential to accessing opportunities and participating in corporate culture. One participant related, “Male peers would have important work conversations at lunch when I was not with them … ignoring my absence, hence my potential contribution.”
Lack of recognition and appreciation: Women are often not recognized for their contributions or appreciated for their efforts in the cybersecurity workplace. “When you come up with an idea, it’s met with silence, then someone else repeats your idea and everyone gets all over it,” a participant said.
Unfortunately, the culprits in these instances are corporate leadership, managers and colleagues – not faulty policies, dissatisfied customers or HR departments.
Bridging the Gender Gap
Despite these challenges, many women are leading the charge in cybersecurity research, working to identify and mitigate new threats and vulnerabilities. They are starting their own cybersecurity companies, and providing valuable services to businesses and organizations worldwide.
There are also organizations and initiatives that are working to increase gender diversity in cybersecurity. WiCyS, for example, helps build a strong gender-diverse cybersecurity workforce by facilitating recruitment, retention and advancement for women in the field. In fact, the study found cybersecurity organizations that partner with WiCyS are much less likely to have exclusive behaviors and cultures toward women.
While women are making strides in this industry, a significant gender gap remains that needs to be addressed. To do this, it is essential for the industry to recognize the value of gender diversity and to take steps to attract, retain and promote more women in the cybersecurity industry.