In 45% of enterprises, the proportion of women working in IT security departments is less than that in the rest of the company’s workforce. However, of these organisations only 37% of them have in place or considered applying, formal programs that will bring more women into cybersecurity security – a survey of security leaders conducted by 451 Research has revealed.
A diverse workforce brings new talents to an organisation as well as improved business performance. For example, the most diverse enterprises globally achieve 19 percentage points higher revenue from innovation. It makes the idea of gender parity not only an ethical issue but an important factor for business efficiency. To help women succeed in business and progress their careers, there are initiatives in different fields, such as technologies or entrepreneurship.
Despite some diversity initiatives, women constitute 39% of the labor force and only 25% of management positions worldwide in general. Cybersecurity, as well as IT in general, may be considered a male-dominated field. This perception could be a barrier for women to enter the industry. According to the 451 Research “Cybersecurity through the CISO’s eyes. Perspectives on a role” report, commissioned by Kaspersky, 45% of CISOs confirmed that women are under-represented in their department.
Nonetheless, only 37% of such organizations have, or are going to implement, any formal procedure aimed at attracting more women in their IT security department. The most popular approach to attract women is to train those who have an IT background (80%). Almost half of these respondents say that they now provide, or are going to provide, internship programs aimed at female students (42%) or are ready to train candidates with little or no qualifications (40%). Only 22% hire female candidates from other departments within their organizations.
The rest (63%) said that they are only looking for fully-qualified specialists, with no consideration towards gender. However, as 70% of CISOs find it difficult to source skilled IT security specialists in different areas, there is a call for CISOs to look for other ways to bridge the talent gap.
The research also found that men outnumber women among IT security leaders. Only a fifth (23%) of respondents, who answered the question about their gender, stated they are women. Nonetheless, the tenure in the role suggests that the number of women in a security leadership role is growing: 20% of female respondents have moved into their position as an IT security leader in the last two years, which is twice as many as the number of men (10%) in this role.
“The findings of this survey show that the situation in the industry is changing, but it’s far from ideal and we are still lacking a strong representation of women. It’s not just a question of finding the perfect ratio of men and women. In the in-depth interviews with CISOs, many of them say that there are not enough female applicants in the pipeline. So, to address the gender gap in cybersecurity, we should encourage women to choose this career path,” – comments Evgeniya Naumova, acting Managing Director, Europe, at Kaspersky.
Kaspersky is committed to encouraging women in the cybersecurity industry and tackling gender biases. Among its initiatives, the company created an online community, Women in Cybersecurity, aimed at supporting the career growth of women entering the cybersecurity industry and those already working in the field. Kaspersky partners with Girls in Tech to support AMPLIFY, a startup competition for women founders for seed funding. The company regularly holds CyberStarts events in the USA and Europe, which empowers the next generation of cybersecurity professionals. One of the event’s key topics is actions to reduce the gender gap in cybersecurity.