• United States




Diversity in cybersecurity: Barriers and opportunities for women and minorities

Dec 23, 20215 mins
Diversity and InclusionHiringSecurity

Increasing the numbers of women and minorities in cybersecurity isn't just good for the individuals involved, it's good for the practice of security. Here's a look at what's holding them back and what can be done about it.

Our world is getting increasingly digitized, and cybercrime continues to break new records. As cyber risks intensify, organizations are beefing up defenses and adding more outside consultants and resources to their teams. But to their sad misfortune, they are getting hit by a major roadblock—a long-standing shortage of qualified cybersecurity talent.

A closer look at the numbers reveal an even more startling statistic: women comprise only 25% of the cybersecurity workforce, according to research from ISC2, despite outpacing men in overall college enrollment.

There are a number of reasons why women and minorities pursuing cybersecurity careers can be significantly beneficial to the overall industry. Here are two: People from different genders, ethnicities and backgrounds can provide a fresh perspective to solving highly complex security problems. And then there’s the simple fact that leaving cybersecurity jobs unfilled puts businesses at risk. As the cybersecurity skills gap continues to grow, that risk only increases.

3 potential barriers preventing women and minorities from pursuing careers in cybersecurity

1. Women  and minorities are underrepresented in computing and engineering

According to Pew research, women make up 25% of those employed in computer occupations and 15% of those working in engineering occupations, while representation among Black and Hispanic people in these fields is even lower (7% and 8% respectively in computer occupations and 5% and 9% respectively in engineering occupations). Cybersecurity is obviously a related field, so its workforce representation bears a direct correlation with the above statistics. And, in a sign that the these employment numbers aren’t likely to change anytime soon: Just 7% of bachelor’s degrees in STEM fields went to Black students and 12% went to Hispanic students. 

2. Workplaces perpetuate inequity

Pew research finds that sizable pay gaps exist “between women and men in STEM jobs as well as across racial and ethnic groups,” with women earning about 74% of what men earn and Black and Hispanic STEM workers earning 78% and 83% respectively of what their white peers earn. In fact, the pay gap for Black and Hispanic STEM workers has widened in recent years.

3. Stereotypes and sociocultural factors persist

According to the American Association of University Women, parents and teachers often carry unconscious biases and gender stereotypes, with parents “often underestimat[ing] girls’ math abilities starting as early as preschool” and female teachers passing on their own math anxiety to girls “often grad[ing] girls harder for the same work, and assum[ing] girls need to work harder to achieve the same level as boys.” In addition, both girls and young people of color suffer from a lack of role models to show them what’s possible.

5 steps the cybersecurity industry can take to diversify

According to the (ISC)² Cybersecurity Workforce study, there is a combination of initiatives that organizations can launch to improve overall diversity and inclusion in the workplace:

  1. Providing mentorship and support: Leaders should make it their mission to incubate, nurture, and encourage more participation of workers from diverse backgrounds and provide mentorship pairings.
  2. Being flexible: Every business has a part to play when it comes to meeting the requirements of the employee, whether it’s offering paternity or maternity leave, flexible schedules, or hybrid-work arrangements, businesses must go the extra mile to support the diverse needs of a diverse workforce.
  3. Improving hiring practices: Businesses can focus on improving job descriptions. Ensuring that job descriptions are gender-free and neutral in tone and de-emphasizing technology knowledge in favor of creative thinking will attract candidates from diverse backgrounds and cultures.
  4. Eliminating pay and promotion gaps: Businesses should ensure that any pay or promotion gaps are eliminated. Giving equal opportunities to women and underrepresented minorities not only enhances their economic security but also prevents biases (and resentments) in the workplace.
  5. Promoting women and minorities to leadership roles: Change starts at the top and having role models from diverse backgrounds always helps instill confidence and inspire people to achieve more.

Help at hand: Scholarships for women and minorities 

For those women and minorities excited about cybersecurity, applying for scholarships might be a great way to kickstart a career. Below is a list of resources that can help:

  • The Women in Cybersecurity Security training scholarship (in association with Google, Bloomberg and Facebook)
  • The Microsoft Cybersecurity Scholarship program (powered by Last Mile Education Fund)
  • (ISC)² Women’s Scholarships (in association with KnowBe4)
  • The Security Industry Association) Women in Security Forum Scholarship program
  • GenCyber Girls in CybHER® Security Camp 2022 (sponsored by NSA)
  • Lauro Garner Minority Cybersecurity Scholarship (in association with Mercer University)
  • Cyber Security Scholarship (sponsored by Towerwall and MassBay Community College) [Disclosure: The author is Founder & CEO of Towerwall]

The technology industry in general has faced a dramatic shortage of talent and especially so for women and minorities. Perhaps the current labor shortage can awaken some sleeping giants and harness the untapped potential for innovation that women and minorities can bring to the industry.


Michelle Drolet is a seasoned security expert with 26 years of experience providing organizations with IT security technology services. Prior to founding Towerwall (formerly Conqwest) in 1993, she founded CDG Technologies, growing the IT consulting business from two to 17 employees in its first year. She then sold it to a public company and remained on board. Discouraged by the direction the parent company was taking, she decided to buy back her company. She re-launched the Framingham-based company as Towerwall. Her clients include Biogen Idec, Middlesex Savings Bank, PerkinElmer, Raytheon, Smith & Wesson, Covenant Healthcare and many mid-size organizations.

A community activist, she has received citations from State Senators Karen Spilka and David Magnani for her community service. Twice she has received a Cyber Citizenship award for community support and participation. She's also involved with the School-to-Career program, an intern and externship program, the Women’s Independent Network, Young Women and Minorities in Science and Technology, and Athena, a girl’s mentorship program.

Michelle is the founder of the Information Security Summit at Mass Bay Community College. Her numerous articles have appeared in Network World, Cloud Computing, Worcester Business Journal, SC Magazine, InfoSecurity,, Web Security Journal and others.

The opinions expressed in this blog are those of Michelle Drolet and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

More from this author