Most women have decided against a cyber security career before 16

By the time they are 15¾, most young women in Europe, Israel, and the US have already decided against a career in cyber security. This, according to a new study by Kaspersky Lab, is a major contributing factor to the industry’s continued struggle to attract female recruits, as it attempts to both narrow the gender gap in IT security and also address the growing skills shortage.

Earlier this year, Frost and Sullivan predicted there would be a shortfall of 1.8 million cybersecurity professionals by 2022. The Global Information Security Workforce Study (GISWS), which is conducted by the analyst firm on behalf of (ISC)² and its Centre for Cyber Safety and Education, recently found that the situation is exacerbated by the fact that women comprise only 11% of the current cybersecurity workforce. Now, global cyber security company Kaspersky Lab, has released the findings of a new study, in a bid to understand why so few women are choosing to work in the sector.

>See also: Embracing women in cyber security: bridging the talent gap

Cyber security’s image among young people needs a revamp, claims Kaspersky Lab, if the industry is going to start encouraging more women into its ranks. The study found the terminology generally associated with cyber security roles – such as ‘hacker’ – is considered to have negative connotations and is unlikely to appeal to young women, two in three of whom say they want to pursue a career they are passionate about instead.

Furthermore, a third of young women think that cyber security professionals are ‘geeks’ and a quarter think they are ‘nerds’, perhaps also contributing to the fact that 78% of young women have never considered a career in cyber security.

Working with industry experts, Kaspersky Lab’s study found that there is a perception problem around cybersecurity careers, and that this, combined with the fact that young women are making their career choices at such a young age, is making it difficult for the industry to encourage women into the sector.

>See also: How can women in the cyber market become more visible?

Adam Maskatiya, General Manager at Kaspersky Lab UK & Ireland said, “We are part of a fast-growing and energetic sector, but there are simply too few women in the workforce. Unfortunately, it’s clear from our research that young women do not perceive cybersecurity to be a viable or attractive career option for them, and they are therefore deciding to pursue different options at a young age, making it hard for us to persuade them otherwise.”

“Helping women to develop the right skills at an education level certainly has an important role to play in overcoming barriers to entry, and a lot of previous reports into STEM subject uptake have discussed this at length. But we believe there’s also a need to change the industry’s image as a whole, and promote the careers within. An important part of that process is making the roles more visible and more enticing, and debunking the stereotype of IT security geeks sitting in a dark room hacking computers.”

With 42% of young people agreeing it is important to have a gender role model in their careers and half of women preferring to work in an environment that has an equal male/female split, Kaspersky Lab is calling for more female role models from within the industry to step up to the task of promoting cyber security careers.

>See also: Women necessary in closing cyber security skills gap

Stuart Madnick, Professor of Information Technologies and founder of the MIT Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity commented on the findings, “As shown in the Kaspersky Lab report, young women are often not aware, do not feel prepared, and do not see relatable role models that motivate them to consider cyber security roles. In particular, many individuals have the mistaken belief that cyber security is strictly a technical job requiring strong coding skills. Although that is true for some jobs, cybersecurity threats often come from deficiencies in an organisation’s culture and procedures – having “soft skills” can be as, and sometimes even more, important as technical skills in making a difference in an organisation.

“We have found that workers often seek a job that is meaningful, has an impact on something important, and is fun and engaging. Cybersecurity jobs fit these criteria. We just need to rethink and improve how we communicate this,” he concluded.


The Women in IT Awards is the technology world’s most prominent and influential diversity program. On 22 March 2018, the event will come to the US for the first time, taking place in one of the world’s most prominent business cities: New York. Nominations are now open for the Women in IT USA Awards 2018. Click here to nominate

Avatar photo

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...