Cyber Security

Women in Cybersecurity: How we can make a difference

By Lucy Montague of SureCloud

Sunday, 8th March marks International Women’s Day – signalling an ideal time for us to take a look at the oft-discussed issue of women in the technology industry – and particularly women working within cybersecurity.


It is no secret that women are underrepresented in STEM (science, technology, engineering and maths) industries. The trend begins at school; when a ‘Women in Technology’ study in 2017 found that girls became steadily less likely than boys to study STEM subjects as they moved through school, to university – which ultimately resulted in 15% of male graduates saying a tech career was their first choice post-university, as opposed to just 3% of female graduates.

Industry growth

The picture is slightly better when we focus on the cybersecurity sector within the broader technology industry. According to an (ISC)² Cybersecurity Workforce Report, women working in cybersecurity currently only account for about one quarter (24%) of the overall workforce.

However, this is an increase of just 11% in 2017. Furthermore, the study found that ‘compared to men, higher percentages of women cybersecurity professionals are reaching positions such as chief technology officer (7% of women vs. 2% of men), vice president of IT (9% vs. 5%), IT director (18% vs. 14%) and C-level/executive (28% vs.19%).’

We can see, then, that the proportion of women in cybersecurity is growing, and once they get there, they are moving to management positions.

However, there is clearly a long way to go to achieve gender parity. And parity is particularly important in the cybersecurity industry, because it is vital that the workforce fighting cybercrime encompass the diversity of perspectives, skills and experiences.

Given that the perpetrators of cybercrime – the threat actors, hackers, digital vandals and criminals – come from a wide variety of backgrounds and experiences, it is important that the workforce battling them is equally diverse.

How can we encourage more women into cybersecurity?

‘You can’t be what you can’t see’ is a well-worn phrase when it comes to considering diversity and representation in different areas – and with good reason.

We believe that its important to start early in the campaign for encouraging more women into the sector. Beginning with education. A PWC study found that a hefty 78% of students couldn’t name a single famous female working in technology, and just 16% of female students had a career in technology suggested to them (the figure was twice as high amongst male students).

We need, then, a multi-pronged strategy. We need to elevate more women within the cybersecurity industry, supporting and encouraging them to rise to leadership positions – and we need to ensure that this elevation is made visible to women earlier on in their careers, as well as those still in education. 

Inspire and thrive

There are a number of great initiatives for girls in education to help inspire them into a career in tech and cybersecurity including WISE Initiative and of course, Girls Who Code.

When considering women in the workplace and elevating women into leadership positions, this depends on encouraging solid female talent into the industry in the first place – since the managers and leaders of tomorrow are the graduates and juniors of today. 

Cybersecurity needs to be positioned, therefore, as an attractive career for women who are studying or early on in their careers. Employers can always do more in terms of partnering with colleges and universities and running events which demystify the industry and set out the incredible variety of careers within cybersecurity.

There is also an important role for employers when it comes to nurturing and supporting those women to remain in cybersecurity throughout their careers, developing their skills and taking on ever-greater responsibility.

As outlined above, women in cybersecurity actually seem to be more successful than their male colleagues at rising to managerial and leadership positions – if they remain in the industry. This means not only offering tailored training and development, but also listening to what employees are actually saying they need.

Visibility can be achieved in many different ways. Consider the recent RSA Conference in San Francisco, the world’s largest cybersecurity event with more than 40,000 attendees and 740 speakers. 46% of all keynote speakers were women, a huge improvement on just a few years ago and a fantastic means of showing to the entire industry how women can build hugely successful and influential careers in cybersecurity. On a more local level, female-only networking events and mentoring schemes have already proven hugely powerful. 

Women in cybersecurity can be a huge asset. Attracting them into this most diverse, dynamic and rewarding of careers – and helping them to forge paths of success and innovation – is something we can all be part of.

SureCloud’s women in cybersecurity team – The Security Senoritas will be discussing these points in further detail while interweaving with their own experiences on a live webinar happening Monday the 9th. Register here to watch

About SureCloud

SureCloud is a provider of cloud-based, Integrated Risk Management (IRM) products, Cybersecurity and Risk Advisory services, which reinvent the way you manage risk.

SureCloud connects the dots with IRM solutions enabling you to make better decisions and achieve your desired business outcomes. SureCloud is underpinned by a highly configurable technology platform, which is simple, intuitive and flexible.

Unlike other GRC Platform providers, SureCloud is adaptable enough to fit your current business processes without forcing you to make concessions during implementation; meaning you get immediate and sustained value from the outset