March is Women’s History Month, and amid the global recognition of women’s contributions across industries, cybersecurity remains a sector where gender diversity still has significant ground to cover. A new series of reports from ISC2 sheds light on the role of women in cybersecurity, highlighting both progress and persistent challenges. As economic pressures weigh on security teams and hiring slowdowns take their toll, women in cybersecurity find themselves navigating an evolving professional landscape.
Women in Cybersecurity: By the Numbers
The cybersecurity industry continues to grapple with a talent shortage, and yet, gender parity remains elusive. According to ISC2’s latest Cybersecurity Workforce Study, women make up an average of just 22% of security teams. While some countries, such as Italy (26.7%), show relatively higher representation, others, like Germany (14.6%), lag behind. The United States, Canada, and the United Kingdom report figures at 18.3%, 21.2%, and 17.9% respectively, reinforcing the global trend of male dominance in the field.
The data further reveals that 16% of organizations reported having no women in their cybersecurity teams at all, and only 5% claim to have achieved gender parity. Larger organizations tend to have slightly better representation, but the differences are marginal—20% for small organizations, 22% for mid-sized businesses, and 23% for large enterprises.
Some industries fare better than others in hiring women cybersecurity professionals. Cloud services and construction lead the way with 27% of their security workforce identifying as female, followed by real estate (26%) and retail (25%). On the other end of the spectrum, military (18%) and legal (19%) report some of the lowest representation rates.
Women in Leadership and Hiring Roles
Despite these challenges, women in cybersecurity are making strides in leadership. Over half (55%) of women respondents in the ISC2 study hold managerial or higher positions, with 7% reaching the C-suite level, including roles such as Chief Information Security Officer (CISO) and Chief Technology Officer (CTO). Additionally, 53% of women in the field are involved in hiring decisions, indicating their growing influence on the industry's future workforce.
Educationally, women in cybersecurity boast strong credentials. Over a third (38%) hold a bachelor’s degree, primarily in cybersecurity, computer information systems, or engineering. Nearly half (48%) have a master’s degree or equivalent, and 9% possess a doctorate or post-doctorate, signaling a highly educated talent pool.
The Impact of Layoffs and Budget Constraints
Economic uncertainty has not spared the cybersecurity sector, and women professionals are feeling the effects more acutely than their male counterparts. The ISC2 study found that 32% of women reported experiencing security team layoffs in the past year, compared to 23% of men. Workforce reductions, hiring freezes, and budget constraints have led to a tangible decline in job satisfaction across the board. While 67% of women cybersecurity professionals still report being satisfied in their roles, this is a notable drop from 82% in 2022.
Cuts to cybersecurity budgets have disproportionately affected women, with 40% reporting reduced financial support for their teams, compared to 36% of men. Likewise, hiring freezes (42% of women vs. 37% of men) and stalled promotions or pay raises (36% of women vs. 31% of men) have contributed to growing concerns about long-term career stability.
Yet, despite these hurdles, women in cybersecurity continue to exhibit a higher degree of workplace optimism. Even in organizations that have experienced layoffs, women’s job satisfaction remains slightly higher than their male counterparts (64% vs. 59%).
The Flexibility Factor
Workplace flexibility has emerged as a crucial factor influencing job satisfaction. Women who work remotely report the highest levels of job satisfaction (73%), compared to 70% of remote-working men. However, the return-to-office mandates imposed by many companies post-pandemic have contributed to an overall dip in workplace happiness.
A separate study by McKinsey found that 40% of employees consider workplace flexibility a top factor in job retention—only slightly behind salary (41%). As organizations reassess remote and hybrid work policies, cybersecurity leaders must recognize the critical role flexibility plays in both retaining and empowering female talent in the field.
Celebrating Women in Cybersecurity
As Women’s History Month unfolds, ISC2 is amplifying the voices of women in cybersecurity through a dedicated research series and a special webinar, From the Inside Out: Increasing Representation and Inclusion of Women in Cybersecurity, set for March 13. The event will feature industry leaders discussing strategies for improving gender diversity in the field and fostering more inclusive workplace cultures.
While the cybersecurity industry has made strides in promoting gender diversity, the latest data underscores the need for continued efforts to close the gap. Women bring valuable expertise, leadership, and decision-making capabilities to the field—qualities that are essential in tackling today’s rapidly evolving cyber threats. As the industry moves forward, fostering a more inclusive and supportive environment for women will be key to strengthening the cybersecurity workforce as a whole.