An NGO focused on the recruitment, retention, and advancement of women in cybersecurity, Women in CyberSecurity (WiCyS), recently published a report that details the barriers that prevent women from being retained and promoted into the field at the same rate as men while the industry struggles to fill a 3.4 million global job gap.
According to the "State of Inclusion of Women in Cybersecurity" report, which was produced in collaboration with the DEI firm Aleria, women experienced a variety of workplace experiences that contributed to their overall feeling of exclusion and, as a result, their rates of satisfaction, productivity, and retention.
According to the poll, women were disproportionately impacted by a lack of career and promotion opportunities as well as by the disrespect shown to them by their colleagues, immediate supervisors, and company leadership. "We know that the ratio of women in cybersecurity sits around 24%, significantly below what it should be," says Lynn Dohm, executive director of WiCyS.
"We were keen to find out why this was the case, so when we discovered that women's feelings of exclusion were mostly caused by people rather than business regulations, we were somewhat stunned but not entirely unsurprised. This shows how much work still needs to be done to fully integrate women into the cybersecurity industry."
The study found that:
- According to 61% of managers, 52% of peers, and 68% of participants, their emotions of exclusion are a result of leadership. Comparatively, just 12% of individuals claimed that being excluded was due to company regulations.
- 83% of individuals reported having experienced exclusion at least once.
- Respect (reported by 56% of participants) and Career & Development (reported by 57% of participants) were the two categories that predominated the categories of experiences of exclusion at work. Recognition and Access, both of which were noted by 41% of participants, are other features that are frequently highlighted.
- Exclusion rates are 17% higher for new hires than for employees who have been with the organisation for two to five years, but they are highest after six years.
- Bigger businesses (those with 5,000 or more workers) appear to be more inclusive than smaller ones.
- Compared to non-cybersecurity enterprises, cybersecurity firms have a greater level of exclusion. This result is consistent with studies that have found that technology companies, particularly for women, tend to have higher overall exclusion ratings than businesses in other industries.
In February, more than 300 women took part in a series of seminars that collected the information for the report. Participants recounted uncomfortable workplace situations, anonymously completed surveys about themselves and their employers, and classified each occurrence into typical workplace characteristics like career & progress, respect, and work-life balance.
The information was then used to produce an exclusion score. Prevalence (the proportion of participants who reported at least one contact), severity (the average number of events disclosed by participants), and frequency are all combined to get this score (one-time or recurring).
Out of a total of about 500 contacts, women described incidents such as being asked to speak with a man in IT instead of them, having male colleagues view porn in their presence, and receiving less "pats on the back" than men.
"Our study makes it very evident that leaders of any firm must educate themselves about inclusion and must start considering inclusion as a fundamental component of their business strategy," says Paolo Gaudiano, co-founder and president of Aleria.
"With the critical shortage of workers in the sector, it is imperative to comprehend the obstacles that prevent women, who have so much to offer the industry, from entering and excelling in the field of cybersecurity. We think that our study serves as a much-needed wake-up call for business executives to include inclusion as a core part of their DEI strategy and objectives instead of only using diversity as the primary metric."
