Cybersecurity’s gender issue: Why women are kept out of leadership
ThisisEngineering via Unsplash
Many of us know the feeling.
Joining a call where all the technical questions are directed to your male colleague. Being overlooked for high-profile projects or promotions. Feeling like you must constantly prove you belong.
These micro-aggressions add up — they’re a big reason why only 20 to 25% of the cybersecurity workforce is female. Yet, companies in the top quartile for gender diversity are 27% more likely to outperform their peers in profitability.
Clearly, an inclusive workplace is a profitable one.
To improve gender diversity, business leaders must first understand what keeps women on the wrong side of this glass ceiling — and then understand how they can help break it.
What is the cybersecurity glass ceiling made of?
The barriers facing women in cybersecurity aren’t always obvious.
Like many of my college classmates, I was one of only a handful of women at my first cybersecurity job. While I recognized this was a challenge, I felt there was little I could do to impact change. After all, I was a recent graduate, eager to prove myself in the working world. Voicing concerns about bias or diversity felt too risky.
Several years later, when it was time for me to move into a leadership position, I was surprised at how isolating the transition felt. In a moment of reflection, I realized that I hadn’t seen a woman occupy the leadership position I was striving toward. Perhaps the absence of community is why I felt like I didn’t quite belong, although I was qualified.
Unfortunately, this remains the reality for many women in cybersecurity today. The industry’s male-dominated hierarchy often reproduces the same kinds of leaders. Women enter the field with ambitious goals but are gradually isolated by company cultures that weren’t created with them in mind.
Even those who succeed struggle with imposter syndrome. 75% of female executives have experienced an enduring sense of self-doubt, fueled by the constant need to navigate bias and exclusion.
It doesn’t have to stay this way. To break the cycle, we must eliminate these barriers and make cybersecurity equitable for all.
How leaders can support women in cybersecurity
How can leaders, both male and female, better support women as they navigate this traditionally male-dominated industry?
There’s no simple answer. However, there are tangible steps that your organization can take today to begin to move in the right direction:
1. Foster networking opportunities
Visibility is essential for gender diversity. When women at different stages of their careers connect and support each other, they’re better equipped to face challenges in the workplace.
At Stratascale, we created the CybHER Collective, a network where women support and encourage one another’s professional growth. Through this collective, early-career women gain insight into what cybersecurity progression looks like — and how other women have navigated the same challenges they have.
You can do the same thing in your organization. Empower women to form networking groups, and highlight their successes. You can also take inspiration from existing professional organizations that support women in cybersecurity.
2. Reject tokenism
There is an ideology in many corporate workplaces that prevents women — and other historically underrepresented groups — from rising through the ranks.
It assumes that any discussion of making space for marginalized employees is done to fill a quota. It implies that women are in need of charity. This couldn’t be further from the truth. Women in cybersecurity aren’t in need of charity — they’re in need of opportunities.
While it’s no question that women are qualified to assume leadership roles, sometimes, cultural bias and other competing biases take precedence. Pretending this isn’t the case not only reinforces harmful stereotypes, it also reinforces the idea that some employees are seen as inherently competent, while others must repeatedly fight to prove their worth.
To actively combat this mindset, make sure your company adopts transparent, skills-based promotion and hiring processes. Leadership should set clear benchmarks for advancement, ensuring that all employees — regardless of gender — are evaluated equitably.
3. Address the gender pay gap
Gender pay gaps persist in cybersecurity. United States male professionals earn an average of $148,035, while women earn $141,066.
This gap may seem insignificant compared to other industries, however, it amounts to nearly $7,000 annually. Over 30 years, that gap could mean more than $200,000 in lost earnings, not including compounded investment or retirement gains.
Beyond the dollars, a persistent pay gap also sends a message about how women’s contributions are valued — or undervalued — in an organization.
While visibility is important, addressing this gap may be even more so. This will require honest reflection as an organization. Talk to your employees, review compensation data, and acknowledge where disparities exist. This process often brings the hidden glass ceiling to light.
A more equitable cybersecurity industry is possible
Creating an equitable workplace not only improves your overall business results, it also ensures that your team isn’t hindered by invisible barriers.
Whether you’re in a leadership position or just starting your career, use this moment to reflect on the culture of your organization. Ask yourself what more you can do to ensure women in cybersecurity feel seen, heard, and valued — not just this month, but every day of the year.
Gender inequality is a complex problem that persists across most industries. Yet, we can still take tangible steps toward change. Let’s commit to being part of this change.
