Women in STEM: Closing the cybersecurity gender gap

| By:
Sajal Sahay

According to Zippia, experts in career research, women held 28% of computing and mathematical jobs in 2022 and less than 20% of leadership positions in the technology industry. These dismal statistics are even more acute in the cybersecurity sector. But studies show that diversity in viewpoints and perspectives is underrepresented without women, which can leave critical gaps in addressing cybersecurity risks.

The general industry recommendation is to enact a multi-faceted strategy to ensure more women have cybersecurity opportunities, and there are some quick and easy ways to get the ball rolling. Let’s take a look at some of the core underlying reasons for the gender gap and why prioritizing closing the gap benefits individuals, businesses, and the industry as a whole. We’ll also showcase several women leaders who are great role models and an inspiration to other women looking to join the industry.

Issue #1: Understaffing in cybersecurity

The onset of COVID-19 and the Great Resignation in 2020 substantially impacted employment at most businesses, which deepened the already-existing labor shortages in cybersecurity. To make things worse, a significant demand for cybersecurity expertise grew as cyberattacks rose in frequency and seriousness. In 2021, two things happened: there was a 14% increase in demand for cybersecurity jobs, and according to cybersecurity Ventures, the number of unfilled cybersecurity jobs grew by 350 percent to 3.5 million.

Issue #2: Understaffing of women in cybersecurity

According to a recent Boston Consulting Group (BCG) survey, 75% of cybersecurity workers are men. While the low percentage of women participating in STEM-related careers is the major driver, it’s further accentuated in cybersecurity due to the faster pace of change. Certification requirements shift rapidly, projects are only accessible to those with the most up-to-date knowledge backgrounds, and limited internship chances together create a greater perception of uncertainty for those entering the cybersecurity industry, especially women who self-reported a desire for more predictability in their career opportunities. The same BCG study showed that 47% of women surveyed said they were not interested in a career in cybersecurity.

Issue #3: Salary and career growth disparity between women and men

A Women In Tech article in CIO magazine in March 2023 covered a Dice study, revealing that 75% of men believe their employer offers equal pay but only 42% of women felt the same. Dissatisfaction levels among women in technology versus other industries are higher than among men, with compensation ranking as the top issue women express as the reason for this dissatisfaction.

Growth into leadership roles is another stumbling block. Some of the problematic issues noted included fewer opportunities to lead projects with enterprise-level importance, gain exposure to senior leaders through presenting big projects, and speak on behalf of the company at trade shows, conferences, and other group settings.

3 simple strategies to recruit women into cybersecurity

Solving the issues above is not a quick fix, but there are three ways to quickly get started with recruiting and retaining more women in the cybersecurity industry.

  1. Creating greater awareness of opportunities

To focus on women at all stages of their careers, companies can invest resources in three areas: build awareness of educational and scholarship opportunities that help grow their cybersecurity knowledge, create internships and mentorship opportunities, and build a roadmap of cybersecurity programs that offer them chances to lead. Apply these three tactics at a recruiting level and for existing women employees to bring in new talent and help them advance their cybersecurity careers.

  1. Enabling greater availability of opportunities

When recruiting new employees to the cybersecurity team, focus on finding women that can grow into the role over time. Similarly, internships, mentorships, and project leader roles should specifically consider women who can grow into these roles over time. Making a deliberate effort to include women in the candidate pool is the quickest way to make a demonstrable impact.

  1. Creating internship and mentorship and opportunities

Internships are a very effective way to provide on-the-job training, which is a cost-efficient way to enhance job satisfaction for people just starting careers. Similarly, mentors can help new and long-standing employees by providing expertise and guidance for building a suitable skill set and knowledge base. Groups such as the Women in Technology can help you create internship and mentorship opportunities for women employees, which has the added benefit of creating company-wide goodwill that such programs tend to generate.

Powerful leaders: Women inspiring the cybersecurity industry

In the past few years, these women have been recognized as leaders in the cybersecurity sector by various organizations. They are great role models and examples of why more women should be in the cybersecurity industry.

Abigail Bradshaw, Head of the Australian Cyber Security Centre (ACSC)

Abigail Bradshaw has held senior security roles in the Australian government for a large part of her career, including head of the Nation Security Division and the Department of Home affairs inaugural Chief Risk Officer.

Ann Westerheim, PhD, Founder and President at Ekaru

Ann Westerheim runs a technology service provider of cybersecurity and IT services for small and medium businesses in the greater Boston area. Ann is an accomplished technology innovator and leader with three engineering degrees from MIT. She is also the author of “Cybersecurity for Main Street: Cyber Fit in 21 Days”.

Jadee Hanson, CISO at Code 42

Jadee Hanson leads global risk and compliance, security operations, incident response, and the insider threat program for Code42. She is also the co-author of “Inside Jobs: Why Insider Risk Is the Biggest Cyber Threat You Can’t Ignore.” The Software Report awarded Hanson one of The Top 25 Women Leaders in Cybersecurity of 2022, Cyber Defense Magazine named her a Black Unicorn—Top 10 Women in Cybersecurity, Top 10 CISO in 2021 and one of the Top 100 Women in Cybersecurity for 2020, and SC Magazine named her a Women in Security: PowerPlayer in 2019.

Liliana Musetan, Head of Security Unit at the General Secretariat at the Council of the European Union

Liliana Mustean has over 23 years of experience in managing the ever-changing threat landscape. In her role with the Council, she protects their crown jewels and works to enhance their overall cybersecurity posture. She’s also committed to empowering other women in cybersecurity with experience and knowledge to create a stronger cybersecurity industry over time.

Lindy Cameron, CEO of the Nation Cyber Security Center (UK)

Lindy Cameron has over 20 years of cybersecurity policy and crisis management experience, specializing in national security with several governments worldwide. She spoke at the 12th annual Tel Aviv Cyber Week, one of the top cybersecurity events in the world, identifying ransomware as the primary cyber threat to global security, which is both pervasive and quickly evolving.

Natalie Suarez, Director of the Cybersecurity Task Force at ConnectWise

Natalie Suarez is responsible for providing thought leadership and education around managing cyber risk for ConnectWise partners and their clients. She has more than 25 years of experience in cybersecurity, software, and systems engineering. She serves on the CompTIA Information Sharing and Analysis Organization’s (ISAO) Governance Committee and was recognized as a 2023 CRN Channel Chief.

Tanja Omeragic, Director of Technical Sales for the North American Cybersecurity Division at ConnectWise

Tanja Omeragic evangelizes cybersecurity best practices through education and awareness programs for her teams. Her recent work includes the launch of the award-winning ConnectWise Partner Program concerted efforts to understand and support IT solution partners as they build cybersecurity solutions that protect SMBs. She was recognized as a CRN 2023 Women of the Channel honoree.

To learn more strategies for hiring women in cybersecurity, visit the Women in Cybersecurity or the Australian Women in Security Network websites. To learn more about the shortage of cybersecurity workers, click here.