Women still only make up a quarter of the workforce in cybersecurity, a striking gap compared to 39% participation in the general workforce. At the same time, the global cybersecurity workforce would need to grow by 80% to meet current demand, according to a joint study by Boston Consulting Group (BCG) and The Global Cybersecurity Forum (GCF).
The report Empowering Women to Work in Cybersecurity Is a Win-Win is based on a global survey of 2,000 female science, technology, engineering, and mathematics (STEM) undergraduate students in 26 countries across six regions, as well as interviews with 20 international experts in the field.
The report highlights key actions that need to be taken to meet this growing gender divide in cybersecurity. Engaging women with STEM subjects at an early stage is key to their participation in cybersecurity: 78% of the survey respondents developed an interest in STEM in middle school or high school. However, access to STEM education, although an issue, is not the main stumbling block: 58% of respondents had access to cybersecurity education, and 68% had already taken a cybersecurity-related course. Around 82% of survey respondents said they had some or a lot of knowledge about cybersecurity. Challenges include social or cultural norms constraining what women study, home and care responsibilities that affect their ability to enter or succeed in a cybersecurity career, and negative perceptions of cybersecurity as a career choice. About 37% of respondents think cybersecurity does not offer work-life balance, which is one of the top three factors for women choosing a job, along with good compensation and meaningful work.
“The results of this report have shown that women are ready and prepared to fill the talent gap in the cybersecurity workforce,” said Alaa M. Alfaadhel, Initiatives & Partnerships Lead at GCF. “With the right encouragement from a young age, women can not only begin to enter the industry, but can also become leaders in their field. By bringing together the leading voices and minds of the cyberworld at the GCF, we are confident that we can bridge this gap and action impactful change for women in cybersecurity.”
“Closing the gender gap in cybersecurity would fulfill an urgent demand in the field that is only going to get bigger,” said Leila Hoteit, a BCG managing director and senior partner; global lead of the firm’s education, employment, and welfare sector; and coauthor of the study. “It would also strengthen cyber resilience by bringing in diverse perspectives and would improve business performance. But at the current pace, it will take 130 years to achieve gender parity in the industry. The escalation in cybersecurity threats and their economic impact make it imperative that urgent action is taken to address this mismatch.”
The magnitude of the challenge differs from region to region: 94% of respondents in the Middle East and North Africa, 89% in Europe, 84% in Africa, and 82% in Asia-Pacific were interested in pursuing a cybersecurity degree, compared to 77% in Latin America and only 61% in North America. Similarly, 45% of North American respondents were likely to participate in targeted STEM programming in their school education, compared to 72% in Europe and 79% in the Middle East and North Africa.
The report recommends a holistic approach, addressing the pipeline, recruitment, retention, and advancement for women in the field. Key initiatives would include targeted STEM engagement of school-age girls; openness to training or reskilling candidates with aptitude; gender- and family-friendly policies; ensuring a good work-life balance; and providing access to mentors, sponsors, and women’s networks dedicated to advancing women into senior leadership roles.
You can read the full report here