Top of Page

(ISC)² Study Finds U.S. Minority Cybersecurity Professionals Underrepresented in Senior Roles

32% of cybersecurity professionals of color have experienced discrimination

Clearwater, FL, March 15, 2018 (ISC)² – the world’s largest nonprofit association of certified cybersecurity professionals – today published the report Innovation Through Inclusion: The Multicultural Cybersecurity Workforce. (ISC)², the International Consortium of Minority Cybersecurity Professionals (ICMCP) and the Center for Cyber Safety and Education commissioned the study to measure minority representation in the U.S. cybersecurity profession and to better understand the challenges these highly skilled individuals experience. 

“While minority representation within the cybersecurity field (26%) is slightly higher than the overall U.S. minority workforce (21%), our study did reveal that racial and ethnic minorities tend to hold non-managerial positions, and pay discrepancies, especially for minority women, is a challenge,” said (ISC)² CEO David Shearer, CISSP. “In order to build strong, adequately staffed cybersecurity teams, employers – and the cybersecurity profession as a whole – must make cybersecurity a rewarding and welcoming career for everyone. Understanding the challenges our profession faces related to diversity is a critical first step to accomplishing that goal and ultimately addressing the widening cybersecurity workforce gap.”

“The under-participation by large segments of our society represents a loss of opportunity for individuals, a loss of talent in the workforce, and a loss of creativity in shaping the future of cybersecurity,” said ICMCP President Aric K. Perminter. “Not only is it a basic equity issue, but it threatens our global economic viability as a nation. This research underscores the importance of our mission. The ICMCP Educational Security Operations Centers (ESOCs) provide innovative, effective and timely solutions to the cybersecurity demands of employers – from cyber ranges and certification training to NICE curriculum and job placement.” 

Findings are based on survey responses from 9,500 U.S. cybersecurity professionals. Key insights from the study include:

  • 23% of minority cybersecurity professionals hold a role of director or above, compared to 30% of their Caucasian peers
  • 62% of minorities in cybersecurity have obtained a master’s degree or higher, compared to 50% of professionals who identified as Caucasian
  • On average, a cybersecurity professional of color earns $115,000, while the overall U.S. cybersecurity workforce average is $122,000
    • Men of color are slightly behind their Caucasian male peers by $3,000, while women of color make an average of $10,000 less than Caucasian males and $6,000 less than Caucasian females
    • In addition to a higher average salary, Caucasian workers were more likely to have received a salary increase within the past year, as compared to other races and ethnicities
  • 32% of cybersecurity professionals of color report that they have experienced some form of discrimination in the workplace
  • In the U.S., 17% of the cybersecurity workforce who identify as a minority are female, proportionally exceeding overall female representation (14%) by a margin of 3%
  • To foster diversity in the workplace, 49% of minority cybersecurity professionals said mentorship programs are very important

Read the Innovation Through Inclusion: The Multicultural Cybersecurity Workforce report at or

For the first time, the Global Information Security Workforce Study features a deeper dive into the diverse composition of the U.S. cybersecurity workforce to encompass not only gender, age and tenure, but ethnicity and race as well. This is the 8th edition of the study. The Center for Cyber Safety and Education partnered with (ISC)² , Booz Allen Hamilton (Presenting sponsor), Alta Associates (Gold sponsor), and Frost & Sullivan to examine the state of the response to these developing risks in the 2017 Global Information Security Workforce Study (GISWS). Questions of race and ethnicity were posed to 9,500 respondents in the United States. The results of that study are detailed in the Innovation Through Inclusion: The Multicultural Cybersecurity Workforce report developed by (ISC)² in partnership with the International Consortium of Minority Cybersecurity Professionals (ICMCP).



The International Consortium of Minority Cybersecurity Professionals (ICMCP) is a 501(c)(3) non-profit

organization. It began official operations in September 2014 and is organized exclusively for charitable purposes, to provide members with educational/technical scholarships, mentoring opportunities, professional development, and networking opportunities. For more information or to become a sponsor, please visit, follow @ICMCP_ORG on Twitter or visit the ICMCP LinkedIn page.


About Center for Cyber Safety and Education

The Center for Cyber Safety and Education (the Center), is a non-profit charitable trust committed to making the cyber world a safer place for everyone. The Center works to ensure that people across the globe have a positive and safe experience online through their educational programs, scholarships, and research. Visit


About (ISC)²

(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)2 offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 130,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – the Center for Cyber Safety and EducationTM. For more information on (ISC)², visit, follow us on Twitter or connect with us on Facebook

© 2018, (ISC)² Inc., (ISC)², CISSP, SSCP, CCSP, CAP, CSSLP, HCISPP, CCFP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP and CBK are registered marks, of (ISC)², Inc.