As part of our annual research into the gender pay gap in cyber security, BeecherMadden has reviewed the number of women within the industry. Recently, there has been a lot of discussion about how many women are now working within cyber. The 11% figure has been used for several years and didn’t appear to have changed until recently. However, the question is being asked as to how accurate that figure is. In 2017, (ISC)² still found that the 11% figure was still unchanged. Cyber Security Ventures, put the number at 20% in a study from summer 2018.

In general, events that we attend as a company seem to have far more women attending than they did 5 years ago.

We also have far more female candidates and almost all our clients are keen to attract women into their teams. With so much attention on improving the diversity of the industry, it seemed odd that the number of women working in the industry remained unchanged. So, we undertook a much broader piece of research for this year’s gender report. We reviewed data from a variety of sources, giving us tens of thousands of participants, more than ever before. This showed us that the UK cyber security industry is now 18% female. We also reviewed our own database and found that 20% is now female, an increase of 6% since 2015.

It is an exciting thought that attraction programmes for women in the industry have been working. With cyber security constantly appearing in main stream news, it is nice to think that this has introduced the idea of a career in the industry to a new group of people. There has also been a push to introduce cyber security as a career to school leavers and graduates. With support groups and networking groups designed to attract women into cyber, it is also possible that this additional support from the industry has contributed to the increase. Maintaining this growth will be important if we are to continue to improve. One way of doing this, is for companies to offer training to those returning to work. This is the focus of my previous article for Forbes, and also an article on what women can do to retrain.

Attracting more women into cyber security is an important goal. It makes business sense. Having more women in security teams, may help companies to better protect their customer. In America, women control 83% of all spending decisions. As more spending moves online, having security processes that consider the end customer, is becoming ever more important. With women driving this level of spend, it isn’t surprising that women are 26% more likely to have their identity stolen. As well as ensuring higher security, companies with more women in their leadership teams perform better. A report called The Bottom Line: Corporate Performance and Women’s Representation on Boards, found that companies with more women on their board had a 42% higher return on sales and turned capital into profit, 66% more successfully.

Given that increasing the number of women in cyber security is a goal that many companies hold, we should all be pretty pleased that we have started making progress. 18% still doesn’t go far enough and while 50% may seem far away, there are some companies at this level already. I would encourage every company with a commitment to increasing diversity, to consider what has worked for them already, and what more they can do. Perhaps then, we can accelerate the rate of change and get closer to that 50% goal. If you would like some help on improving the diversity of your team, BeecherMadden would be happy to offer suggestions of what we have seen work so far.

As with the research from Cyber Security Ventures, our research includes all of those in the security industry. This broader definition includes digital forensics and privacy as well as some security vendor companies. It doesn’t include IoT companies, or those who work in risk or compliance, which has traditionally had a higher percentage of female candidates.