Ah, finally the warm weather of spring has now come upon us here in Chicago.  It was great the last two mornings, walking to my car to drive to work and hearing the birds chirping.  Sure, a far cry from three months when we had the polar vortex.  

Anyways, as I was driving, I heard a report on the radio as to how good the jobs market here is in the United States, and I will have my views on it, at least the statistics on it are correct.

Probably one of the areas that is fueling this job market is the unquenchable thirst for Cybersecurity professionals.  There is still a huge shortage of workers in this industry, and it is estimated that some 4 million jobs will still go unfulfilled by the year 2020.  Yes, Cybersecurity is a very red-hot field to get into, but a lot also depends on how experience and the jobs that you are trying to seek.

Just recently, I wrote a series of articles on the lack of skilled Cybersecurity professionals, and what areas will continue to be in demand in the coming years.  But that will be the focal point for a future blog.  Today, one of the key areas of shortages in Cybersecurity is the lack of women workers, especially at the C-Level. 

A very well and established IT cert company known as ISC(2) just announced the release of their research study known as the “2019 Women In Cybersecurity”.  Here are some of the key findings of it:

*Women now make 24% of the total Cybersecurity workforce, which has the highest it has ever been.

*44% of the women that are coming into this workforce are of the millennial generation, whereas only 33% of men come from this particular generation.

*52% of women in Cybersecurity actually now hold an advanced degree (such as that of an MBA, Master of Science, etc.) versus only 44% of the males.

*It also appears that women are making the ranks of the C-Suite more so than their male counterparts.  For example:

1) For the Chief Technology Officer (CTO) role, 7% are women versus only 2% of men;

2) For the Vice President of IT role, 9% are women versus only 5% of men;

3) For the Director of IT role, a staggering 18% are women versus only 14% of men;

4) For the Chief Information Officer/Chief Information Security Officer (CIO/CISO) role, 28% are  women versus only 19% of men.

But despite this good news, there is bad news as well, especially when it comes to the wage inequality gap between males and females.  Here is what the report found in this regard:

*Only 17% of women earn between $50,000-$90,000, as compared to 29% of men who make the same amount.

* Only 15% of women earn between $100,000-$499,000 as compared to 20% of men who make the same amount.

The report also discovered these similarities between the men and women working in Cybersecurity:

*The lack of commitment from upper management (especially the C-Suite);

*The Cyber reputation of the business or corporation that they work for;

*The potential of their jobs being outsourced;

*Strong concerns for a work/life balance;

*The threat of Artificial Intelligence (AI) and Machine Learning (ML) automating more jobs;

*A sheer lack of communication flows between employees and management when it comes to addressing Cybersecurity threats, needs and issues.

My thoughts on this?

I find that this report is actually very encouraging.  For the longest time, I have been reading in the headlines as to how women are having such a hard time entering into the field of Cybersecurity.  But now, it seems like that the barriers are now starting to get eradicated, bit by bit.  But, I also found some areas of the report quite interesting as well, which are as follows:

*The number of women holding advanced degrees versus their male counterparts.  I usually just that if one had the experience and the right mix of certs, pretty much anybody could get a job.  But it seems like now that Corporate America is starting to place a higher value on having an advanced education.

*I found it quite surprising that in terms of the C-Level+ titles, that women are far outstripping the men in getting these positions.  At least based from the many podcast interviews I have done, these titles have been male dominated (I actually did interview one-woman last week on a podcast, and she had a C-Level title). 

*I knew that there were wage discrepancies between men and women workers in the Cybersecurity, but I never realized that the differences were that huge, especially when it came to the $100,000+ income bracket level.  In my view, I think women should be paid the same amount as men, as long as both sides can deliver the same amount and quality of work that is expected of them. 

After all, in the end, why should gender even matter as long as the organization is maintaining good levels and continues to be proactive about their “Cyber Hygiene”.

*Despite the differences that have been found in this study, I also found it to be quite startling that both women and men Cybersecurity professionals share the same type of “complaints”.  Two key areas that still resonate strongly is the lack of commitment from the C-Suite, and a set of best standards/practices in order to improve communication flows between workers and managers, and vice versa. 

Even more surprising to me was that both sides found AI to be a threat to their job.  I don’t really see AI ever becoming a threat, rather there will be more workers needed in this area in order to deploy and fully manage this technology.

So, in the end, the question always remains, as to who makes a better Cybersecurity leader . . . a man or a woman?  Well, both sides have their plusses and minuses, so I cannot really take a side on this one.  From my own experiences, I think guys tend to get more excited about technologies and think more short term.  They also don’t seem to care too much learning about the Cyber techno jargon or the key metrics that comes along with it.

On the other hand, I think women tend to me more grounded in what they do, and think much longer down the road, especially when it comes to the impacts of the decisions that they make today.  They don’t seem to get too excited about the sexy new Cybersecurity technologies that come out (unlike us guys) and are much more focused on the overall Cybersecurity Threat Landscape.

Finally, the ISC(2) report can be downloaded here at this link: