Gender gap in cybersecurity starts early, study finds

Most girls rule out a cybersecurity career by their teens, Kaspersky Lab survey reveals.
EdScoop Feature Image

By the time they reach their teens, most girls have already ruled out a career in cybersecurity, a new study by Kaspersky Lab found.

For a field in which jobs are overwhelmingly filled by males — or not filled at all, thanks to a growing skills shortage — the study suggests that cybersecurity recruitment must start at a much younger age for women, before they can be dissuaded by stereotypes around the profession.

It’s estimated that women make up just 11 percent of the current cybersecurity workforce. With that in mind, researchers at Kaspersky Lab, a global cybersecurity company based in Russia, set out to understand what’s holding women back.

They surveyed more than 4,000 teenagers and young adults between the ages of 16 and 21, asking them about their interests, influences, awareness and perception of cybersecurity as a profession.


“We found that, contrary to popular opinion, young women do have the skills required to enter cybersecurity roles,” the authors of the report wrote. “They do perceive the role to be of value to society, and have largely had positive interactions with the industry.”

Yet, before they turn 16 years old, most women in the United States and Europe have decided not to pursue careers in cybersecurity, they said. Using the survey responses, the researchers were able to glean several reasons why so many women are quick to dismiss the field.

For starters, it’s the image of cybersecurity professionals. Terms like “hacker” have negative connotations, the study found. One-third of women surveyed consider cybersecurity professionals “geeks,” one-fourth consider them “nerds” and one-sixth think cybersecurity is dull. As a positive alternative, the authors suggested promoting the use of words like “protector” and “guardian” when talking about cybersecurity professionals with students and young people.

Another reason for girls’ early rejection of cybersecurity comes from a misunderstanding and lack of awareness, the study found.

Women cited their lack of coding experience as a top reason they decided not to pursue a cybersecurity career. Many also responded that their inadequate math skills and limited knowledge about cybersecurity deterred them.


“Women need to be made aware that they don’t have to be expert coders to be able to flourish in cybersecurity,” the authors wrote. “There are plenty of other skills that are attractive to potential employers, all of which would help to plug the current skills gap.”

The authors concluded that women are outnumbered in the field primarily because of a communication problem that begins early on.

“Our research has shown that young women have a wide range of transferable skills. They have drive, ambition and want to work in a career they are passionate about. Meanwhile, cybersecurity firms want to recruit and are looking for candidates [like them],” they wrote. “So, what’s the problem? … It’s clear that, somewhere along the line, a link is being missed. Whether that be during school, university, or after finishing education, the dots aren’t quite being connected, resulting in significantly more women than men dropping out of the system.”

Latest Podcasts