This post was originally published here by (ISC)² Management.
Non-white cybersecurity workers outnumber their white counterparts in advanced education degrees (master’s and higher), but they are still underrepresented in managerial positions. As a group, minority professionals also get paid less than Caucasians, according to a new report from (ISC)2.
The report, Innovation Through Inclusion: The Multicultural Cybersecurity Workforce suggests ethnic and racial minority professionals face barriers to advancement that don’t seem to apply to Caucasians. The same is true when it comes to salaries, as Caucasian workers significantly out-earn their multicultural peers.
Minority workers make up 26% of the U.S. cybersecurity workforce, just five points above the overall minority workforce (21%) and two points below the share of the U.S. population composed of ethnic and racial minorities (28%).
In terms of career advancement, cybersecurity workers who identify as a minority are at a clear disadvantage. While 30% of their Caucasian peers hold positions in the role of director or above, the number of minorities in those roles is 23%. Yet, minority cybersecurity professionals as a group are more educated: 62% of them have earned a master’s degree or higher – 12 percentage points higher than professionals who identified as Caucasian (50%).
The report cautions that academic degrees don’t necessarily equate to advanced skill levels, but most employers use them as a hiring prerequisite. So while employers want to staff up with more educated workers, they aren’t necessarily rewarding employees for those higher degrees if the workers happen to be minorities.
The report notes previous research has shown “higher levels of education among leaders can contribute to the greater overall success of an organization.” Furthermore, “diversity in leadership has a positive impact on an organization’s overall profitability.” That being the case, it appears employers shoot themselves in the foot when they hold back their employees with master’s degrees and Ph.D.s.
Fewer career advancement opportunities are not the only thing holding back minority cybersecurity workers. They also tend to earn less than their non-minority colleagues. The average yearly salary of non-Caucasian cybersecurity professionals is $115,000, compared to the overall workforce average of $122,000.
Caucasian males are at the top of the salary scale, averaging $124,000 compared to $121,000 for males who don’t identify as Caucasian. Non-Caucasian females earn even less, averaging . “In addition to a higher average salary, Caucasian workers were more likely to receive a salary increase within the past year, as compared to other races and ethnicities,” the report says.
Discrimination plays a role in the discrepancies in salary and career advancement opportunities. “Overall, 32% of cybersecurity professionals of color who participated in the survey report that they have experienced some form of discrimination in the workplace. Across all races and ethnicities, women experience greater rates of discrimination in the workplace than men,” the report says. The group most affected by discrimination consists of women who identify as African American, Hispanic, Asian or of Native American descent.
Closing the Gap
To address discrepancies, the report recommends that employers take several measures:
- Offer mentorship and training, which is viewed as very important by 49% of minority cybersecurity workers.
- Develop executive leadership initiatives to encourage the advancement of minority employees.
- Offer company-wide recognition programs and events.
Employers that succeed in these areas stand to benefit from a culturally diverse workforce by boosting innovation and finding new ways to meet challenges. And by welcoming and encouraging non-Caucasian workers, employers also take a solid step in addressing the ongoing skills shortage in cybersecurity.