Women make up a larger percentage of new entrants to the field and are taking leadership positions and hiring roles, but challenges like pay disparity and discrimination persist

Alexandria, Va., April 25, 2024 ISC2 – the world’s leading nonprofit member organization for cybersecurity professionals – today published its latest research, Women in Cybersecurity. The study, which gathered responses from 2,400 women who participated in the latest ISC2 Workforce Study (17% of the total 14,865 cybersecurity practitioners surveyed), unveiled several encouraging trends such as women's pathways into the profession, their roles within teams and similarities with men in terms of achievements, but revealed that further efforts are needed to support women in the cyber workforce.

With the average representation of women on cybersecurity teams standing at 23%, attracting and retaining more diverse individuals is essential to address the cyber workforce gap of 4 million individuals globally. Despite women still representing a minority in the cybersecurity profession, ISC2 observed an increase in diversity within the younger workforce. Among respondents in the “under 30” age category, 26% identified as women, while only 13% of respondents in the “65 or older” age category were women. By 2025, research predicts that women will represent 30% of the global cybersecurity workforce, increasing to 35% by 2031.

The research reveals that a higher proportion of women acknowledge the importance of diversity on their security team than men (76% vs. 63% respectively), and 78% of women feel that an inclusive environment is essential for their team’s success. Yet, 11% of the workforce study participants said they had no women on their security teams and 21% of men did not know the proportion of women on their security team compared to 13% of women.

“It’s great to see incremental progress of younger women entering cybersecurity, however, it’s not enough and more needs to be done. We must continue to build a culture for all women that creates a sense of belonging that results in the retention of women in cybersecurity careers,” said ISC2 CEO Clar Rosso, CC. “Research reveals that the most engaged women in cybersecurity work at organizations that invest time and resources into diversity, equity and inclusion (DEI) initiatives such as offering competitive pay, hosting mentorship programs and establishing an inclusive culture that fosters professional development opportunities.”

Diving Deeper into the Findings

With progress being made, the research explores that there’s still work to be accomplished around supporting gender representation, advocating for DEI activities and eliminating workplace discrimination and salary inequities. Additional findings include:

  • Cloud Services, Automotive, and Construction are the industries with the highest percentage (28%) of women on security teams, while Military and Utilities had the lowest (20%).
  • Women have an average salary of $109,609 compared to $115,003 for men – a difference of $5,400.
  • 36% of women felt that they could not be authentic at work, compared to 29% of men.
  • South Asian (48%), Black or African descent (43%) and Hispanic or Latinx (42%) women were most likely to report feeling like they can’t be their authentic self at work.
  • 29% of women reported feeling discriminated against in the workplace compared to 19% of men.
  • Women of Black or African descent in Canada/United Kingdom/Ireland reported the highest levels of discrimination, with 53% feeling discriminated against.
  • 69% of women respondents said DEI will continue to become more important for their security teams over the next five years (compared to 55% of men).
  • 66% of women say diversity has contributed to their security team’s success and 78% of women believe an inclusive environment is essential for the team’s success.
  • Women reported lower cybersecurity staffing shortages at their organizations than male participants (62% vs. 68%), with their organizations sourcing talent from other departments, implementing job rotations, and hiring those without cyber experience at higher rates.
  • Women reported higher rates of pursuing cybersecurity in school (14%), compared with men (10%). 
  • Women want to work in a constantly evolving field (21%) and one where they can help people and society (16%) at higher rates than men (18% and 14%, respectively).

The survey presents valuable key takeaways for leaders to help increase women’s participation and satisfaction in cybersecurity, including setting specific hiring, recruitment and advancement metrics, making pay equity a priority and eliminating inequities around advancement. Other areas for improvement include the need for organizations to better communicate the importance of diversity and inclusivity, as well as establish clear guidelines to prevent workplace discrimination.

To explore the full study about women in the cybersecurity industry, please visit: https://www.isc2.org/women-in-cyber.


Findings in this report are derived from the 2023 ISC2 Cybersecurity Workforce Study based on online survey data collected in collaboration with Forrester Research, Inc. in April and May 2023 from 14,865 cybersecurity practitioners (2,400 of whom identified as female). The respondents reside in North America, Europe, Asia, Latin America, the Middle East and Africa. A detailed explanation of the estimation methodology for the Cybersecurity Workforce Gap is included in the report at www.isc2.org/research.

About ISC2
ISC2 is the world’s leading member organization for cybersecurity professionals, driven by our vision of a safe and secure cyber world. Our more than 600,000 members, candidates and associates around the globe are a force for good, safeguarding the way we live. Our award-winning certifications – including cybersecurity’s premier certification, the CISSP® – enable professionals to demonstrate their knowledge, skills and abilities at every stage of their careers. ISC2 strengthens the influence, diversity and vitality of the cybersecurity profession through advocacy, expertise and workforce empowerment that accelerates cyber safety and security in an interconnected world. Our charitable foundation, The Center for Cyber Safety and Education, helps create more access to cyber careers and educate those most vulnerable. Learn more and get involved at ISC2.org. Connect with us on X, Facebook and LinkedIn.

© 2024 ISC2 Inc., ISC2, CISSP, SSCP, CCSP, CGRC, CSSLP, HCISPP, ISSAP, ISSEP, ISSMP, CC, and CBK are registered marks of ISC2, Inc.

Media Contact:
Amanda Steinman
Senior PR Manager