Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Careers & People

10/7/2019
06:15 PM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
100%
0%

Lack of Role Models, Burnout & Pay Disparity Hold Women Back

New ISACA data emphasizes a gap between men and women who share their opinions on underrepresentation of women and equal pay in the tech industry.

Female representation in technology is in a tough spot: More than half (56%) of women who participated in a new ISACA survey point to a lack of female role models as the primary reason for underrepresentation of women in tech jobs. At the same time, pay disparity, career growth, and other systemic issues keep women from staying in their jobs and moving up in the ranks.

The process of bringing more women into technology moves slowly, but it is happening. An (ISC)² study published earlier this year found women made up 24% of its cybersecurity respondents, up from 11% in 2017. Women proportionately fill more leadership roles and are higher-ranking: 11% of women report to the vice president of IT, compared with 6% of men. 

ISACA recently polled more than 3,500 IT governance, risk, assurance, and security professionals as part of its new report "Tech Workforce 2020: The Age and Gender Perception Gap." Twenty-two percent of respondents are in a cybersecurity role. Most agree women are underrepresented in tech roles around the world; however, men and women differ on why.

"The women in security who were surveyed for this project said the top barrier to women entering the tech industry is that most information technology role models and leaders are male," says Melody Balcet, director of The AES Corporation's Global Cybersecurity Program and former president of the ISACA Greater Washington, DC, chapter.

There are several potential root causes for the imbalance of men and women in technology, says Balcet. Lack of female role models is a key issue that affects the current and future workforce — or so women say. Only 34% of men surveyed think lack of female role models is problematic. Nearly one-third of men claim women find employment in the tech field "less appealing than other sectors," a statement the women "overwhelmingly" disagreed with. 

This isn't the only area with a gender disparity: 65% of men say their employers have a program to promote hiring more women; only 51% of women say the same. More than 70% of men say their employers have a program to encourage promotion of women; 59% of women agree. Nearly half of women say their employers have no program to hire more women for tech roles.

These perceptions, combined with stress, pay disparity, and other factors, makes it harder for women to build security and technology careers. Sixty-four percent of tech pros report burnout or stress in their roles due to heavy workloads (61%), long hours (50%), and lack of resources (48%). Women report this stress at a slightly higher rate of 67%, compared with men at 62%.

Who Gets the Promotion?
ISACA's data also reflected disparities when considering salary negotiation and job promotions. Overall, men reported greater confidence in their understanding of how to advance their careers. Despite this, 74% of women claim to have been offered a salary increase or promotion in the past two years, compared with 64% of their male counterparts. ISACA points out that this could be attributed to organizations' increased focus on addressing gender pay gaps.

(ISC)² found women still face an uphill battle when it comes to compensation. When asked about their salaries for the previous year, 17% of women reported earnings in the $50,000 to $99,999 range, a full 12 percentage points less than men (29%). The disparity is smaller with the next generation: Globally, younger women face a smaller pay discrepancy than older women.

Money isn't the only factor in women's career decisions. Balcet encourages businesses to create opportunities to maintain and advance skills and find ways to make projects meaningful. "Like any person, male or female, women need to see that there is a career path available to them," she says. "If a company has one laid out, but there are other systemic issues that are preventing women from advancing — for example, a lack of inclusion — then women will leave."

All this considered, women tend to stay in security roles longer than their male counterparts, Balcet says. In her experience, male colleagues have been more likely to reach out for exploratory conversations and "network with intent" to scope out potential job opportunities.

In terms of bringing more women into leadership roles, Balcet says more needs to be done to educate experts along the pipeline: Teachers, guidance counselors, career advisers, and human resources professionals can all play a role in bringing more women into technology roles. 

Job Hopping: A Next-Gen Problem
The reasons women in security are likely to change jobs are similar to the reasons of women in IT audit, risk, governance, and other roles, Balcet explains. Primary reasons include better career prospects, higher compensation, an upward career path not available at their current organization, more interesting work, and a better organizational culture.

Seventy percent of the technology workforce is considered "in-play," meaning they "may" or "definitely" anticipate changing jobs within the next two years. This is especially an issue with younger employees, ISACA found. Nearly half of respondents under 30 have changed jobs within the last two years; almost 40% think they'll change jobs or employers in the next two.

This is partly because younger workers are less likely to tolerate stress and burnout than their older counterparts. Data shows employees under 30 are more likely to leave a position if they find another job in a less-stressful environment. ISACA advises learning why employees leave and why they stay, and offer opportunities for advancement and skill training to retain tech pros.

Related Content:

Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "Rethinking Cybersecurity Hiring: Dumping Resumes & Other 'Garbage.'"

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/10/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Healthcare Industry Sees Respite From Attacks in First Half of 2020
Robert Lemos, Contributing Writer,  8/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: It's a technique known as breaking out of the sandbox kids.
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-20383
PUBLISHED: 2020-08-13
ABBYY network license server in ABBYY FineReader 15 before Release 4 (aka 15.0.112.2130) allows escalation of privileges by local users via manipulations involving files and using symbolic links.
CVE-2020-24348
PUBLISHED: 2020-08-13
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c.
CVE-2020-24349
PUBLISHED: 2020-08-13
njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface.
CVE-2020-7360
PUBLISHED: 2020-08-13
An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was r...
CVE-2020-24342
PUBLISHED: 2020-08-13
Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.