Study: High Salaries Not the Biggest Draw for Female Cyber Pros

Andy Dean Photography/

Female cybersecurity pros value a job's nonmonetary incentives above monetary ones.

Good news, agencies: You may not need to break your bank to lure cybersecurity pros away from Silicon Valley. Or at least, not when recruiting women.

When female information security professionals were asked what incentive they value in a job, the top response was flexible work schedules, according to a new white paper released Monday by the growth consulting company Frost & Sullivan.

While almost 80 percent of female respondents said flexible work schedules are “very important,” less than 60 percent of them said this about improved compensation packages. In contrast, male respondents were found to be much more focused on monetary incentives. 

At a time when agencies are facing increasingly stiff competition to recruit top-tier tech talent, failure to keep pace with the private sector’s pay scale is often referenced as one of the federal government’s biggest obstacles.

The study did not break down female responses according to whether they work in the public or private sector. The data comes from research in the (ISC)² Global Information Security Workforce Studies. The most recent study polled almost 14,000 information security professionals, 20 percent of whom said they work in government.

Not only did the report’s female respondents say high salaries were not the most important job incentive, they also said this isn't an effective strategy for helping to curb the information security workforce shortage.

“A mix of monetary and nonmonetary incentives, such as flexible work arrangements, and varied training and education methods will be important in attracting and retaining the talent the InfoSec profession requires,” the report stated.

Women currently make up only 10 percent of the information security workforce, according to the report. This is 1 percent fewer than last year and the same as it was two years ago.

However, there are some subsets of the information security field in which women have a stronger showing than others, according to the report.

For example, one in five women in the cyber field specifically work in the governance, risk and compliance, or GRC, field, according to the report. Only one in eight men work in the field.

This particular role requires “diffusing emotions, collaborating across multiple stakeholders and adroitly balancing business objectives and risk management,” the report stated, adding that women are more likely to possess these abilities.

The report was conducted in partnership with Booz Allen Hamilton.

(Image via Andy Dean Photography/