Computer science has long been a male-dominated field and women have struggled almost as long to gain an equal foothold in the industry. The second annual Women in Cybersecurity conference is happening in Atlanta from March 27 to 28 and with it comes a further look into one of the toughest career sectors for female employees to succeed in.
As a whole, STEM — science, technology, engineering and math — fields are severely lacking in the number of women they employ. A 2011 study by the U.S. Census Bureau shows that 26 percent of STEM workers that year were female, while 74 percent were male. The underwhelming figures are even more striking when looking at cybersecurity in particular: Only 11 percent of workers in that industry, on a global scale, are women.
However, the problem is not limited to just the lack of hiring opportunities for women in cybersecurity: The levels of pay for men and women doing the exact same work are highly unbalanced. A report published by the Global Information Security Workforce showed that male and female employees who both worked an average of 12 years as “doers,” a category including positions like security analysts and compliance auditors, had a difference in pay up to $10,000. The median annual salary for a woman in that position was $85,000. For a man, it was $95,000. And education did not positively influence salary level: 91 percent of the women in the survey had a bachelor, masters or doctorate degree, whereas only 85 percent of the men surveyed did.
Audrey Gendreau, an assistant professor of computer science at Saint Leo University, wrote a recent blog post about the imbalance of male and female interests in cybersecurity. She attributes the lack of female students partially to a difference in interests.
“There’s only one woman in my entire [cybersecurity] class of 30 students,” she said. “I think what’s driving interest in computing is video games and hacking — breaking into things — and that appeals to men. Women tend to be more interested in creating and building.”
However, she also acknowledges that gender differences could be a boon to the cybersecurity industry.
“It’s a very opportunistic time because not very many women are in [the field],” she wrote. “I’ve been told by security experts in the Department of Defense that they need a woman’s perspective for a well-rounded team.”
Dr. Jane LeClair is the chief operating officer of the National Cybersecurity Institute at Excelsior College in Washington. She has done several presentations and written several papers on the subject of gender inequality in the cybersecurity industry and argues that the scope of equality should be widened beyond women simply gaining access to jobs.
“In education, we’re always working to get [women] in there. But if they’re not staying, that’s not helping anything, really,” LeClair told the Washington Examiner. “So I think what we’ve got to think about is what do we have to do in the workplace to make them stay. I previously worked in commercial nuclear power for 20 years, and we had very few women in there … and then when they did come in, they frequently didn’t stay … because you had an atmosphere that wasn’t welcoming.”
Some would argue that STEM companies have vastly improved in the safety of their workplaces and the number of opportunities offered to women. While LeClair acknowledges that offices and workspaces are less openly hostile than they have been in the past, sexism is still alive — but wearing a different mask.
“If you were to go back 20 years, they were more overt, where someone would grab at you or hug you or those types of things,” she said. “Nowadays, it’s become more the issue of having to demonstrate your competence, my competence, more than others. Two-thirds of women surveyed reported that they had to demonstrate their competence more often than their male counterparts.”
Women are more often told they need to improve in performance reviews, but not because they’re necessarily bad employees.
“It’s a bias in there that you’re not doing as well because … when you do speak up, now you’re being abrasive, and abrasive is a word that is used a lot to describe women who try to speak up in the workplace,” LeClair said.
The news is not all bad: The census data shows that most of the STEM occupations are increasing the number of women who are hired and stay on. But computer science alone has dipped since its number of female employees peaked in the 1990s, ending up with about 27 percent female workers, compared to 61 percent in social science and 41 percent in life and physical science.
A common method to help foster a healthy work environment is mentoring minorities. However, this does not help to positively influence the people who are contributing to and creating the oppressive environment, LeClair said.
“Everybody says mentor, mentor, mentor. Well, I think mentoring is good but that’s not going to change your workplace, necessarily,” she said.
While a permanent solution to the gender inequality in the cybersecurity field has not yet been discovered, LeClair says one thing companies can do differently is to look at themselves honestly.
“Organizations have to realize their culture. Until they realize that the culture isn’t welcoming, you’ve got to be tough enough to tough it out. … If you want people to come in and stay, you’ve got to think about what the situation is.”
