Thu | Apr 11, 2024 | 12:21 PM PDT

A first-of-its-kind study by Women in CyberSecurity (WiCyS) has revealed sobering findings about the lack of inclusion and barriers faced by women in the cybersecurity industry. The 2023 State of Inclusion Benchmark in Cybersecurity report quantifies the dramatically worse workplace experiences of women compared to men across virtually every measured category.

The report's key findings are eye-opening. When averaged across all experience categories such as respect, career growth, access, and recognition, women faced exclusion at twice the rate of men. A startling statistic shows women are "roughly 5X more likely than men to cite their Direct Managers and Peers as sources of experiences that interfere with their satisfaction and their ability to perform at their peak."

The qualitative experiences shared by survey participants vividly illustrate the challenges. As one woman stated, "After introducing myself, I have had individuals ask to speak to a 'guy who works in IT' instead of me." Another recounted, "Male peers would have important work conversations at lunch when I was not with them... ignoring my absence, hence my potential contribution."

In a press release from WiCyS, Executive Director Lynn Dohm said: "Previous research has consistently shown a distinct underrepresentation of women in cybersecurity, but we've been in the dark about the root causes and the solutions. This revolutionary study changes that narrative. Armed with hard data and compelling firsthand accounts, we're shedding light on the specific obstacles that women face. For the first time, we're equipped with both the quantitative data and qualitative stories necessary to identify and dismantle the systemic barriers that hinder the recruitment, hiring, retention and advancement of women in cybersecurity."

[RELATED: WiCyS Launches Speaker Program to Give Voice to More Women in Cyber]

The impact of exclusion appears to be magnified for women with intersecting identities. As the report states, "When considering all identity traits, it was found that the level of exclusion continued to increase depending on the degree of intersectionality."

Callie Guenther, Senior Manager of Cyber Threat Research at Critical Start, affirmed these findings: "Women in cybersecurity often feel marginalized due to a predominance of male colleagues, which can lead to a sense of isolation and underrepresentation. This is compounded by instances of unconscious bias, where women's contributions are often undervalued and/or overlooked."

Poornima DeBolle, Co-founder and Chief Product Officer at Menlo Security, shared her personal experience: "When I am in customer or partner meetings, people on the other side of the table will engage and ask follow-up questions with my team members in the meeting rather than me. It has happened enough times that we are all well-versed in handling these situations."

The report also emphasizes the costs organizations incur due to lack of inclusion, estimating potential productivity losses and employee attrition costs in the millions for a large company.

The WiCyS report offers recommendations, including implementing anti-bias training, ensuring equal opportunities for advancement, supporting work-life balance initiatives, and utilizing tools to calculate the financial impact of exclusion.

Monique Becenti, Director of Product at Zimperium, underscored the importance of such efforts: "Organizations need to prioritize these initiatives to create environments where all individuals feel valued, respected, and empowered to succeed."

With this groundbreaking data, the cybersecurity field can no longer ignore the pervasive exclusion and barriers faced by women and minorities. As Hen Amartely, Director of Product Marketing at DoControl, stated, "It's important for women to advocate for themselves in these situations, whether by speaking up in meetings, documenting achievements, or seeking out opportunities to showcase their work independently."

The 2023 State of Inclusion Benchmark in Cybersecurity lays bare the profound challenges of inclusion in cybersecurity. The onus is now on organizations and the broader community to take concrete actions to level the playing field and harness the full potential of a diverse workforce. Failing to do so will perpetuate the alienation and loss of valuable talent and perspectives.

To help raise awareness and drive change around these critical inclusion issues in cybersecurity, SecureWorld has partnered with WiCyS on a series of events and initiatives focused specifically on promoting diversity, equity, and inclusion within the industry.

You can connect with WiCyS representatives from local affiliates at SecureWorld's regional cybersecurity conferences.

Women in CyberSecurity (WiCyS) is a non-profit organization dedicated to the recruitment, retention, and advancement of women in the cybersecurity field. To learn more and get involved, visit