Valuable Learnings from Women in Cyber on Bridging the Gender Gap in Security

In the ever-evolving landscape of cybersecurity, one statistic remains stark: women comprise only 24% of the workforce. However, this figure is steadily rising, with an 11% leap since 2017, as reported by the ISC2 Women in Cybersecurity Report.

This Women's History Month, let's embrace the opportunity to fuel this momentum further and uplift the women who are not just stepping into security roles but progressing their careers with determination and resilience.

I had the privilege of speaking to remarkable women across the cybersecurity industry, to hear their stories and gather pearls of wisdom that will benefit the next generation of female security leaders. Here’s what I learned:

1. The path into cybersecurity is not always conventional

Many of the women I spoke to didn't embark on their careers in cybersecurity initially. They came from diverse backgrounds – fashion, graphic design, tech support – where their innate curiosity and skills intersected, igniting a passion for cybersecurity.

Discovering the passion was just the beginning, it takes more than mere curiosity to embark in a career in cybersecurity. As Romy Chiprut, Software Engineer at Hunters puts it, “the combination of passion for technology, the dynamic nature of the field, the sense of purpose and the opportunity to apply my skills to make a difference.”

Junior Security Engineer at Unzer, Ana Lukavski, shared her source of inspiration came from TV: "I always loved watching Crime shows (like CSI), and this is my way of fighting crime in real life." For Sandra Pichon, Global Business Process Director at Kudelski Security, cybersecurity presents an alluring challenge akin to solving puzzles. Tammy Truong, Senior Threat Detection Engineer at Snowflake, is propelled by a sense of purpose to safeguard organizations against threats through devising strategies and assessing risks.

It doesn’t matter what path you take to find your passion for cybersecurity, but recognizing, embracing and taking steps to jumpstart your career takes more than just willpower.

2. Companies need to hire, retain and promote more women in cybersecurity

With 3.5 million cybersecurity positions unfilled globally, it's imperative that companies eliminate challenges to not only attract but also retain and promote the brightest minds in this field.

Women apply for 20% fewer jobs because they often only apply to jobs if they’re 100% qualified. But, Elle Vee Johns, Staff Security Program Manager at Gong says it best, “Don't be scared to apply for a job that you may not think that you are qualified for. Try to look at recs and analyze your past and relate it to the rec so you can actually have that confidence to articulate why you should be hired for this role, even with the limited experience. Mindset is everything.”

A recent Forbes article finds that nearly 90% of American women believe that hybrid work serves as an equalizer. Ana Lukavski underscores the necessity of flexibility and work-life balance, crucial for women managing familial responsibilities without compromising job performance. 

When isolated to the tech industry, studies find that only 52 women are promoted for every 100 men. Netanella Brand, Full Stack Software Engineer at Hunters, highlighted the need for organizations to address disparities in encouragement and opportunity, advocating for flexibility in hiring criteria and recognizing candidates' potential beyond traditional resumes.

It’s equally important to know how to retain the talent. Kristi Houssiere, VP of Global Alliances at Lodestone, comments that “Once women are on the team, ensure you are thwarting burnout, focusing on learning, and developing their skills, reviewing the hiring and promotion process for gender bias, tying purposeful vision to their roles, and finally building an inclusive company culture.”

3. Confidence is the key to career success in cybersecurity

While transferable skills and industry knowledge are key indicators of whether or not someone will be successful in a given role, the women I talked to often highlight mindset as the #1 barrier to entrance.

As Senior Security Researcher at Hunters, Almog Lahiani, says women need to be reminded to “Embrace your unique perspective and contributions to the field.” 

Having a fulfilling and rewarding career is a confidence game, “work on your confidence by setting and achieving personal goals. You need confidence to take chances, be assertive and fail quickly and iterate,” says Christina Bunchuck, VP of Customer Experience at Hunters. 

Ultimately, it’s not enough to put engaging social media posts on International Women’s Day and call it a day. Leaders within organizations need to recognize and embrace the role they play in empowering more women to gain, retain and progress within their cybersecurity careers. 

We’re not going to solve the issue overnight, but We Live Security has tangible advice for companies to continue moving in the right direction:

1. Foster a culture of respect
2. Spark an interest in cybersecurity early on
3. Build more pathways to a career in cybersecurity
4. Create mentorships programs
5. Ensure pay is equitable
6. Improve career development
7. Broaden hiring criteria and look internally

If you’re a woman considering a career in cybersecurity, I will leave you with this final nugget of wisdom from Kristi Houssiere, "Don't be intimidated; this field needs and deserves your unique perspective."