Survey respondents were divided into two job title categories: Leaders and Doers. The Leaders (3,466 respondents) category included job titles such as executives, managers, and strategic advisors. Doers (2,348 respondents) included respondents with job titles such as security analysts and compliance auditors.
In the Leaders category, more women (34 percent) were in consultant and advisor job titles than men (26 percent), and more than twice as many men as women were network security or software architects. In the Doers category, 38 percent of women cited security analyst as their job title versus 27 percent of men. However, a higher proportion of men held security engineer and network administrator job titles. The 2013 Global Information Security Workforce Study identified "security analyst" as the number one most needed position in the information security industry, leading the way for a strong female presence in the future.
The report also looked at average job tenure, median and average annual salary and academic backgrounds. In these categories, the report showed only marginal differences between women and men who work in information security fields:
- Women Leaders have spent an average of 13.5 years in the field, compared to men at 13.6 years.
- Women and men Leaders both command an annual average median salary of US$105,000 per year.
- 91 percent of women Leaders hold a bachelor's, master's or a doctoral degree vs. 89 percent of men Leaders.
"The report data indicates that the perspectives of women offer viewpoints needed to elevate the security industry to the next level," added Michael Suby, author of the report and vice president of research at Frost & Sullivan.
While technical skills are integral to developing a strong security posture within organizations, it's important to supplement the proper skills and perspectives necessary to make impactful businesses decisions.
The report findings also demonstrate that the surveyed women believe a successful information security professional should maintain a variety of skills vs. surveyed men, who believe technical skills should be the priority. Women reported the following as the key attributes of a successful information security professional:
- Communication skills
- Broad understanding of the security field
- Awareness and understanding of the latest security threats
- Security policy formulation and application
- Leadership skills
- Business management skills.
"The identified shortage of women in the industry only reiterates the importance of our Foundation offerings like the women's scholarships we award annually to female students aspiring to obtain information security careers, and the Safe and Secure Online program, which brings (ISC)2-certified cyber security experts into classrooms to teach children how to become responsible digital citizens while introducing them to a career in cyber security," said Julie Peeler, director of the (ISC)² Foundation.
"(ISC)2's Chapters are also offering women in security mentoring and awareness programs within their local communities to recruit more women into the field, but we need a broader and deeper level of education and engagement for women at a younger age before we can realize the level of impact required to solve the workforce shortage."