Survey: More Work Needed to Deliver Equal Pay in Cybersecurity

Amid economic disruption and other business challenges, cybersecurity roles continue to deliver competitive salaries at all levels. However, research has revealed there remains a significant disparity in pay between men and women.

Throughout March, ISC2 has published a series of #WomenInCyber articles based on research findings from women working in the cybersecurity profession. The results highlight the perspectives of women in the field. In this final article, we look at cybersecurity salaries and the issue of gender disparity in salary levels across the hierarchy of the cybersecurity team.

Respondents to the ISC2 Cybersecurity Workforce Study shared their salaries, enabling us to build a picture of how salaries in cybersecurity manifest based on factors including role, gender and ethnicity. For the purposes of statistical validity, we are using data based on 4,730 participants from the U.S. The numbers referenced are base salaries, excluding any bonuses, additional compensation or taxation.

Salaries Across Cybersecurity Positions

Across the board, we see that cybersecurity jobs continue to offer high levels of average pay at all positions, from entry-level to the C-suite. With an overall average U.S. cybersecurity salary of $157,583, this represents a 10% increase on the same research figure from the previous year.

While our findings do not mean all salaries have risen by this level, it is indicative of the impact of inflation and other economic factors on the salary value of cybersecurity positions.

Gender Disparity in Cybersecurity Salaries

However, when we segment the same salary data by gender rather than role, we see a substantial average discrepancy in salaries between women and men.

When we compare median U.S. salary results by gender, there is a difference of $10,000 between men ($150,000) and women ($140,000) participants. This difference grows to $14,000 when we compare average (mean) salaries, with men who responded earning an average of $159,369 compared to women who earn an average of $144,689.

Drilling down further into these findings, separating out gender responses with role separation, we see women respondents make less than men participants in similar professional levels. However, the gap decreases as the level increases. There is a difference of around $9,000 between U.S. men and women participants at the mid-or advanced-level cybersecurity staff, decreasing to a $6,000 difference at the manager level, and further to a $2,000 difference at the director level. From this we can infer that with seniority, organizations on average move far closer to achieving equal pay, but inequality is still prevalent across the board.

The Importance of Equal Pay - Recommendations and Considerations

Equal pay is arguably one of the most visible indicators of an equitable workplace. In achieving equal pay, it encourages greater opportunities for recruitment and retention of professionals, as well as helping to promote higher levels of job satisfaction overall. Based on the findings shared in this article, the following recommendations are offered to both cybersecurity professionals, hiring managers and those responsible for setting and evaluating pay rates within their organizations:

• Conduct Regular Pay Audits: Regularly assess and analyze salary data across genders to identify disparities. This involves collecting data on pay for similar roles and examining compensation packages to pinpoint inequalities.
• Develop Transparent Pay Structures: Create clear salary bands and pay structures that are accessible to all employees. Transparency in pay ranges can help to manage expectations and reduce gender pay gaps.
• Standardize Job Descriptions and Evaluation Criteria: Ensure that all job descriptions and criteria for promotions are standardized and based on objective measures. This helps in minimizing bias during hiring and evaluations.
• Foster Inclusive Workplace Policies: Develop policies that promote work-life balance, such as flexible working hours or parental leave, to support all employees, particularly those with caregiving responsibilities, who are often disproportionately women.
• Encourage Open Communication: Create channels for employees to voice concerns about pay equity without fear of retaliation. Open discussions around compensation can lead to greater awareness and action.
• Offer Competitive Benefits: Ensure that benefits, such as parental leave, childcare support, and health insurance, are equitable and support the needs of all employees, helping to reduce financial disparities.

Celebrating Women in Cybersecurity

At ISC2, we are celebrating women in cybersecurity during the month of March and publishing a series of articles that encourage the cybersecurity industry to strive for equality and greater inclusivity for all.

We will be sharing more research insights along with the accomplishments, career stories and experiences of women members working in cybersecurity roles.

Cybersecurity professionals can hear from leaders around the world during a webinar, From the Inside Out: Increasing Representation and Inclusion of Women in Cybersecurity. Available now for on-demand replay, this webinar features panelists who discuss unique partnerships and grassroots programming to increase women’s inclusion in cybersecurity. They also discuss why increasing representation matters and how individuals and organizations can play a role in making change. ISC2 members receive one CPE credit for viewing this webinar.

Methodology

The methodology statement for the ISC2 research on which this article is based can be found in the first part of this research series.

Related Insights

• Survey: Women in Cybersecurity See AI Opportunities and Bias
• Survey: Non-Traditional Paths Are Empowering Women to Enter the Cybersecurity Field
• Survey: Women Comprise 22% of the Cybersecurity Workforce