Women and some racial and ethnic minorities make lower salaries in cybersecurity jobs in the United States, according to a study out Thursday morning. But it also concludes that the pay disparity isn’t as bad in the cyber field as in broader society, and is showing signs of improvement.

According to the study from the nonprofit ISC2, the disparity between men and women isn’t uniform, with women out-earning men at the most senior levels.

The organization collected U.S. salary data from 5,915 survey participants in April and May of 2023. The average U.S. cybersecurity job pays $147,138 annually, ISC2 said, compared to the average U.S. salary of $59,384 as of the fourth quarter of 2023, according to the U.S. Bureau of Labor Statistics.

Women make 5% less than men in nonmanagerial, mid-advanced staff roles, and 9% less than men among managers. At the director and middle-manager level, women make 1% more, and at the C-suite and executive level, women make 4% more, according to ISC2 data.

When ISC2 broke the numbers down by racial and ethnic groups, South Asians are at the top of the pay scale, making $155,000 annually, followed by East and Southeast Asians; Whites; American Indians and Alaska Natives; Hispanics/Latinx; and Blacks/African Americans, who make $132,000.

The figures on the gender gap are an improvement from ISC2’s past studies, in which pay disparities between men and women have been as high as 20%, said Clar Rosso, ISC2’s CEO.

“We have other research data that says people due to unconscious bias tend to hire and advance people that have the same background that they do, and it goes with that, that they are going to get pay bumps as well that they create an imbalance,” she said. But the improvement “speaks to incremental progress we have made on salaries for cybersecurity professionals.”

Some figures suggest that overall, women earn 16% less than men in the U.S. on average.

There are a couple possible explanations for why the study showed women making more money than men at higher levels, Rosso said.

“Maybe they’re coming in from IT leadership or leadership in other parts of the organization  instead of climbing the ladder within the organization, and I think if you’re recruiting from outside, which a lot of organizations tend to do for higher level roles, it wouldn’t be surprising that the salaries might be a little higher,” she said.

It’s also possible that some of the data there might be skewed by fewer answers from women in some of those positions, Rosso cautioned. Overall, the study drew on responses from 780 women, or 15% of respondents, versus 4,540 answers from men.

Mary Chaney, head of Minorities in Cybersecurity, said she wasn’t surprised that ICS2 found that the cyber field had more pay parity than other fields.

“I think organizations are starting to realize that from a talent perspective and workforce development perspective, the hackers have it right in as much as they don’t care about race and sex and all of that other stuff,” she said. “They want talent.”

That doesn’t mean there isn’t room for things to improve further. One way to help, she said, would be for organizations to set pay bands attached to measurable factors — such as years of experience — rather than leaving salaries to negotiations with hiring managers.

The post Women make less than men in US cyber jobs — but the gap is narrowing appeared first on CyberScoop.

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

LockBit Scrambles After Takedown, Repopulates Leak Site with Old Breaches

April 4, 2024 0 Comments 0 tags

A Trend Micro report shows a clear drop in the number of actual infections associated with the LockBit ransomware following Operation Cronos

Russia’s Sandworm Upgraded to APT44 by Google’s Mandiant

April 18, 2024 0 Comments 0 tags

Mandiant has confirmed that Sandworm is responsible for many cyber-attacks against Ukraine has close ties with a Russian hacktivist group

TimbreStealer Malware Targets Mexican Victims with Tax-Related Lures

February 29, 2024 0 Comments 0 tags

The maker of the Mispadu Trojan started distributing a new infostealer with financial lures to Mexican users, Cisco Talos found