Increasing the numbers of women and minorities in cybersecurity isn't just good for the individuals involved, it's good for the practice of security. Here's a look at what's holding them back and what can be done about it. Credit: Rawpixel Our world is getting increasingly digitized, and cybercrime continues to break new records. As cyber risks intensify, organizations are beefing up defenses and adding more outside consultants and resources to their teams. But to their sad misfortune, they are getting hit by a major roadblock—a long-standing shortage of qualified cybersecurity talent.A closer look at the numbers reveal an even more startling statistic: women comprise only 25% of the cybersecurity workforce, according to research from ISC2, despite outpacing men in overall college enrollment.There are a number of reasons why women and minorities pursuing cybersecurity careers can be significantly beneficial to the overall industry. Here are two: People from different genders, ethnicities and backgrounds can provide a fresh perspective to solving highly complex security problems. And then there’s the simple fact that leaving cybersecurity jobs unfilled puts businesses at risk. As the cybersecurity skills gap continues to grow, that risk only increases.3 potential barriers preventing women and minorities from pursuing careers in cybersecurity1. Women and minorities are underrepresented in computing and engineering According to Pew research, women make up 25% of those employed in computer occupations and 15% of those working in engineering occupations, while representation among Black and Hispanic people in these fields is even lower (7% and 8% respectively in computer occupations and 5% and 9% respectively in engineering occupations). Cybersecurity is obviously a related field, so its workforce representation bears a direct correlation with the above statistics. And, in a sign that the these employment numbers aren’t likely to change anytime soon: Just 7% of bachelor’s degrees in STEM fields went to Black students and 12% went to Hispanic students. 2. Workplaces perpetuate inequity Pew research finds that sizable pay gaps exist “between women and men in STEM jobs as well as across racial and ethnic groups,” with women earning about 74% of what men earn and Black and Hispanic STEM workers earning 78% and 83% respectively of what their white peers earn. In fact, the pay gap for Black and Hispanic STEM workers has widened in recent years.3. Stereotypes and sociocultural factors persistAccording to the American Association of University Women, parents and teachers often carry unconscious biases and gender stereotypes, with parents “often underestimat[ing] girls’ math abilities starting as early as preschool” and female teachers passing on their own math anxiety to girls “often grad[ing] girls harder for the same work, and assum[ing] girls need to work harder to achieve the same level as boys.” In addition, both girls and young people of color suffer from a lack of role models to show them what’s possible.5 steps the cybersecurity industry can take to diversifyAccording to the (ISC)² Cybersecurity Workforce study, there is a combination of initiatives that organizations can launch to improve overall diversity and inclusion in the workplace:Providing mentorship and support: Leaders should make it their mission to incubate, nurture, and encourage more participation of workers from diverse backgrounds and provide mentorship pairings.Being flexible: Every business has a part to play when it comes to meeting the requirements of the employee, whether it’s offering paternity or maternity leave, flexible schedules, or hybrid-work arrangements, businesses must go the extra mile to support the diverse needs of a diverse workforce.Improving hiring practices: Businesses can focus on improving job descriptions. Ensuring that job descriptions are gender-free and neutral in tone and de-emphasizing technology knowledge in favor of creative thinking will attract candidates from diverse backgrounds and cultures.Eliminating pay and promotion gaps: Businesses should ensure that any pay or promotion gaps are eliminated. Giving equal opportunities to women and underrepresented minorities not only enhances their economic security but also prevents biases (and resentments) in the workplace.Promoting women and minorities to leadership roles: Change starts at the top and having role models from diverse backgrounds always helps instill confidence and inspire people to achieve more.Help at hand: Scholarships for women and minorities For those women and minorities excited about cybersecurity, applying for scholarships might be a great way to kickstart a career. Below is a list of resources that can help:The Women in Cybersecurity Security training scholarship (in association with Google, Bloomberg and Facebook)The Microsoft Cybersecurity Scholarship program (powered by Last Mile Education Fund)(ISC)² Women’s Scholarships (in association with KnowBe4)The Security Industry Association) Women in Security Forum Scholarship programGenCyber Girls in CybHER® Security Camp 2022 (sponsored by NSA)Lauro Garner Minority Cybersecurity Scholarship (in association with Mercer University)Cyber Security Scholarship (sponsored by Towerwall and MassBay Community College) [Disclosure: The author is Founder & CEO of Towerwall]The technology industry in general has faced a dramatic shortage of talent and especially so for women and minorities. Perhaps the current labor shortage can awaken some sleeping giants and harness the untapped potential for innovation that women and minorities can bring to the industry. Related content opinion 6 steps for third-party cyber risk management If you have third-party partners, you need a third-party cyber risk management program. Here are six key steps to follow. By Michelle Drolet Sep 30, 2021 4 mins Risk Management Security Practices Security opinion 5 open source intrusion detection systems for SMBs If you don’t have a lot of budget at your disposal, these open-source intrusion detection tools are worth a look. By Michelle Drolet Nov 13, 2020 5 mins Intrusion Detection Software Security feature 6 steps to building a strong breach response plan Cybersecurity resilience depends on having a detailed, thorough, and tested breach response plan in place. Here's how to get started. By Michelle Drolet Oct 07, 2020 5 mins Security opinion 7 things to consider when choosing managed detection and response Many organizations lack the internal expertise to address threat detection and response effectively; MDR can fill the gap. Here’s what to look for when you shop for MDR services. By Michelle Drolet Aug 24, 2020 4 mins Intrusion Detection Software Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe