Five Key Focus Areas for Cybersecurity Workforce Growth

Posted on by Dwan Jones

Attracting and retaining more women within the cybersecurity workforce, as well as building on the positive experiences and perspectives of those already working in the sector is essential if we are to make meaningful inroads into the workforce and skills gaps.

The imbalance in the cybersecurity workforce continues to be an obstacle to growth as well as progress in addressing diversity, equity and inclusion (DEI). Based on independent research commissioned by ISC2, the number of women working in cybersecurity has remained consistent year-to-year, with an estimate that the percentage of women working in the industry is likely in the range of 20% to 25%.

This compares poorly to other professional sectors such as the legal profession and accountancy, where data from professional organizations in those sectors suggests that women make up half, or very close to it, of the active workforce. Data from the most recent ISC2 Cybersecurity Workforce Study (14,865 cybersecurity practitioner respondents, 2,400 of whom identified as women) showed that despite a global active cybersecurity workforce of 5,452,732, there remains a global workforce gap of 3,999,964. Reducing this gap not only requires an increase in hiring and upskilling, it requires an expansion in the talent pool to bring more people into the industry who were not previously part of the profession. Bringing more women into the cybersecurity profession to address the gender imbalance is necessary to make positive inroads.

While the percentage of women in cybersecurity roles and teams is much lower than other professions, there are several positives reported by the women who responded to the study that can serve as the bases for further incremental improvement.

For example, women reported higher rates of pursuing cybersecurity in school (14%), compared with men (10%). In percentage terms, more women surveyed want to work in a constantly evolving field (21%) and one where they can help people and society (16%) compared to men (18% and 14%, respectively). This sits alongside 76% of women reporting being satisfied with their cybersecurity jobs compared to 70% of men.

Furthermore, two-thirds of women surveyed (66%) said that diversity has contributed to their security team’s overall success, with 64% noting that DEI has been increasingly important for their security team over the past five years, rising to 69% for the coming five years. Nearly four in five women surveyed (78%) believe an inclusive environment is essential for the team’s success.

There are things to do as a hiring manager, team or business leader to build on these positives and grow the number of women both entering and remaining in the cybersecurity profession:

1. Focus on inclusion: Diversity and inclusion are clear focus areas for many organizations, both in terms of recruitment as well as staff retention and happiness. Bolstering efforts around inclusion will help existing and new cybersecurity professionals combat concerns and anxiety around not belonging and feeling inauthentic.

2. Remove obstacles to advancement: Supporting women in the cybersecurity sector to define their goals, along with ensuring they have the same development opportunities and access to leadership job opportunities are key. Women in senior positions inspire other women, so increasing gender equality in management and leadership roles is essential to overall positive motivation and retention.

3. Educate people as early as possible: Generation Z’s interest among women in roles in engineering, mathematics and computing is lagging behind men’s interest. Furthermore, young women are exposed to fewer STEM topics in school. Exposing women to cybersecurity programs early on can stimulate long-term and lifelong interest in the subject. Only 14% of our women respondents pursued cybersecurity in school.

4. Define and commit to sustainable diversity and equality goals: Setting specific hiring, recruitment and advancement aspirations, will aid significantly in developing and growing a workforce that more closely mirrors the diversity of the population.

5. Equal pay cannot be overlooked: To support and maintain equality in the workforce, pay equality must be an active component. Actively monitor pay levels across the organization to ensure inequalities can be addressed and don’t reoccur.


Dwan Jones

Director, CDE®, Diversity, Equity and Inclusion, ISC2

Professional Development & Personnel Management Human Element

professional development & workforce security education innovation innovation persistence

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs