Only 11% of all cybersecurity professionals are female, according to a new report.
More than half of women in the cybersecurity industry have experienced some form of discrimination throughout their careers from their male peers.
That’s one of the takeaways from a new report released on Wednesday morning focusing on female cybersecurity professionals. Three non-profits—the International Information System Security Certification Consortium or (ISC)², the Center for Cyber Safety and Education, and the Executive Women’s Forum—created the report, which was sponsored by PricewaterhouseCoopers, IBM, and other firms.
The analysis serves as an extension of an earlier survey of more than 19,000 cybersecurity workers on issues in their field—this time focusing on only the female responders from that study.
Overall, the analysis paints a grim picture of how women are represented in the cybersecurity field, as females account for just 11% of all cybersecurity professionals, earn less than their male counterparts across the board, and generally feel under-appreciated by their employers.
Get Data Sheet, Fortune’s technology newsletter.
The disparity remains at the executive level too, the research shows, with men being nine times more likely to be in a managerial position, and four times more likely to be in executive management.
“What is clear is that enterprise and government efforts to attract and retain more women in the global cybersecurity profession have not made a meaningful impact,” the report read. “The stagnation of women’s participation in the workforce is noteworthy because the workforce gap continues to grow.”
Of the 51% of survey respondents who reported discrimination, 87% said they felt the bias was unconscious, while 19% said they had experienced it overtly, researchers say. An example of unconscious discrimination includes a scenario in which a man chooses to talk only to other male workers in a room “because they have gender in common,” said PwC forensic services principal Sloane Menkes.
Although the report did not cite specific causes of discrimination toward women, Menkes said that some of the women surveyed “feel undervalued” by their male peers.
As for why women account for only such a small fraction of cybersecurity professionals, Menkes ventured that “it could be because there is conscious or unconscious discrimination.” Research shows that the figure “is not moving,” she added.
Kris Lovejoy, CEO of cybersecurity firm BluVector, said she has experienced discrimination throughout her career from male peers, including instances where men at cybersecurity conferences automatically assumed she was a “booth babe”—perhaps simply because she is female.
Lovejoy, who was not involved with the study, said that the cybersecurity profession would benefit from having more women in the field because it requires analytical thinking from numerous perspectives.
“When you mix up gender, culture, orientation, or race, you get different ways to solve problems,” said Lovejoy.
Menkes, who was mentored by the late cybersecurity expert Howard Schmidt, a security adviser to U.S. Presidents George W. Bush and Barack Obama, urged more male executives to be involved with mentoring women to help encourage a greater sense of recognition.
“I stand on the shoulders of male mentors who said, ‘This is a place where you can have a career in cybersecurity,'” she said.
Mentorship is especially important for women in cybersecurity, a field where there’s a lack of female “role models,” Lovejoy said. She explained that she weathered discrimination to eventually become a high-ranking member of the field, through grit she partly attributes to having “a tough mom.”
“I have trained myself to know how to command the story,” Lovejoy said, “but I look back and I say to myself: ‘Not everybody knows how to do that.”