Women are much more likely than men to see cybersecurity as a shared responsibility across an organization, but aren't getting the training they should.
Managed threat detection and response provider e2e-assure surveyed 1,000 employees across a range of industries, including healthcare, manufacturing, professional services and financial services.
Researchers found that while half of women said they viewed cybersecurity as the responsibility of everyone in the organization, the same was true of only three-in-ten men.
Nearly nine-in-ten workers said they had been the victim of a cyber attack at work.
Notably, 28% of women said they were unclear of the consequences of falling prey to cyber criminals, compared with 16% of men. And there's also less awareness of AI policies amongst women, at 21%, compared with 27% for men.
Meanwhile, when a breach does occur, only three-in-ten women receive the necessary training - and risk a disciplinary if they cause another breach - compared with 35% of men.
"Cybersecurity in 2025 and beyond is not just an IT issue, it’s a business-wide responsibility. Our research reveals that while men and women recognise the importance of security, businesses are missing a crucial opportunity to drive forward cyber resilience, as they feel disconnected to training provided," said Rob Demain, CEO of e2e-assure.
"This means men are less likely to recognize the importance of their cybersecurity practices for the rest of the organization. And while women view it as a collective responsibility, they’re uncertain about the consequences, due to lack of training effectiveness."
A quarter of men said they saw themselves as responsible for the security of their company, compared with just 18% of women. And it's important, the researchers concluded, that employees do have this sense of collective responsibility.
"To relieve frustration and fatigue for cyber risk owners, and build resilience from the ground up, an organization needs to have a 'one team, one dream' mentality," they wrote.
"There needs to be a strong narrative in place, positioning cybersecurity as a collective responsibility, driving an internal cybersecurity culture to ensure employees are engaged with training and policies."
Employees should be kept at the center of the security strategy and involved in the creation of policies, the report recommended. Security measures should be explained clearly and feedback collected regularly, with training and security measures adapted accordingly.
However, things could be worse, according to research from non-profit cybersecurity training organization ISC2, which recently found that more than a third of women are now involved in creating organizational Gen AI use policy - 5% higher than the figure for men.
They're also working harder to get certifications, with more than a quarter working towards AI-specific security certifications, compared with just 18% of men.
MORE FROM ITPRO
- IBM pledges support for UK government cyber skills program
- Women in tech think the industry has changed for the better, but there’s still more work to be done
- Women in cyber security: Closing the gender divide
-
Microsoft: get used to working with AI-powered "digital colleagues"News Tech giant's report suggests we should get ready to work with AI, revealing future trends for the workplace
-
HPE boosts Aruba, GreenLake securityNews Tech giant hopes to help enterprises battle against rise of "sophisticated" cloud threats
-
‘AI is coming for your jobs. It’s coming for my job too’: Fiverr CEO urges staff to upskill or be left behindNews The latest in a string of AI skills warnings has urged staff to begin preparing for the worst
-
Osney Capital unveils UK's first seed fund for cybersecurity startupsNews VC firm Osney Capital has launched the UK’s first specialist cybersecurity seed fund, saying it plans to back 30 companies at the seed and pre-seed stage.
-
Employees want purpose, and they’re willing to quit to find it – upskilling, career growth, and work-life balance have shifted priorities for workersNews Employees want purpose and meaning at work — and if they don't get it, two thirds would quit to find it.
-
IBM pledges support for UK government cyber skills programNews The CyberFirst Girls competition is aimed at increasing diversity in the cyber security workforce
-
Imposter syndrome is pushing women out of techNews Men have dominated the tech space, though some evidence suggests that it's beginning to change
-
AI skills training can't be left in the hands of big techNews Speakers at Turing's AI UK conference lay out challenges to AI skills readiness
-
Tech talent shortages mean firms are scrapping traditional recruitment strategiesNews With more than half of enterprise leaders worried about future skills shortages, many organizations are turning to a range of new techniques to expand potential talent pools.
-
DEI rollbacks could exacerbate tech talent shortages – nearly half of recruitment leaders worry diversity cuts will impact their company’s appeal and employee retentionNews Finding talent with AI skills has already become a major challenge for enterprises, but with some enterprises shelving DEI hiring practices, research suggests the situation could get worse.
