Foregenix Blog

Kirsty Trainer

International Women's Day - Why Are There Less Female Cybersecurity Professionals?

08/03/18 10:08

As you may be aware, today is international women’s day. Gender equality and inclusiveness have played a prominent role in society over recent years, with a strong call to motivate people to think, act and be gender inclusive. However, women in the cybersecurity industry are still underrepresented, with a large gap between male and female professionals.  

In Kaspersky’s article, they claim that only 11% of cybersecurity professionals are women, and undertook a report to look at the root cause of the issue.

“We found that young women have the skills to enter the industry, and they tend to have positive opinions about cybersecurity’s role in society. They are not, however, pursuing cybersecurity careers, and our research implicates two broad causes: educational guidance and a lack of role models.”

They go on to say that in school, boys are more likely to choose mathematics and IT as their preferred subjects (both of which are common foundations for a career in cybersecurity). The studies into why girls aren’t choosing STEM field subjects are broad and conflicting; but the fact remains that there’s a shortage of cybersecurity professionals, of which could be bolstered by having more women in the industry.

When it comes to the affect of role models, they found that 69% of young people haven’t met anyone from the cybersecurity industry, with only 11% having met a woman that works in the industry. After meeting a fellow female that works in cybersecurity, 63% of women are reported to think more positively about the sector.

If we take this at face value, it would appear that putting more women into the cybersecurity spotlight could contribute to an increase in engagement. However, when you look at speaking events, women are sorely underrepresented.

The RSA conference (one of the biggest gatherings in the industry) has recently come under fire for only featuring one woman, Monica Lewinsky, among 22 keynote speakers. There has been criticism that RSA’s only female speaker is not a cybersecurity expert. She has previously spoken at conferences about internet trolling, but supposedly has no experience in cybersecurity.

Facebook’s CSO, Alex Stamos, tweeted a list of 16 women that could’ve made good keynote speakers at the RSA conference.

In response, a rival conference OURSA (Our Security Advocates) is being set up with the aim of featuring more female speakers. All tickets for the rival event are reported to have sold out.

The UK government has been pushing a female centred cybersecurity scheme (Cyberfirst Girls) into schools to increase the level of engagement and attempt to inspire young women to take up a career in the industry.

There are also non-profit organisations such as Women’s Security Society, set up with the aim to “encourage the advancement of women involved in all aspects of the security industry through the exchange of information and cultivation of productive relationships”. According to their website their objectives are:

  • To share knowledge, provide support and encourage the empowerment and success of women in the security industry
  • To reach out to women in the security industry through networking events and a web based forum
  • To support women specifically working or studying in a security related or management security discipline
  • To be open to everyone across all security disciplines regardless of the experience, position or industry

Whilst these efforts won’t completely solve the problem facing the gap in cybersecurity professionals, it’s good to see that people are aware of the issue; and are beginning to take steps to solve it.


David Kirkpatrick
Penetration Testing: The Quest For Fully UnDetectable Malware

Malware continues to be one of the main attack vectors used by criminals to compromise user and ...

Read More
Kirsty Trainer
"Key" to Secure Data - P2PE - Derived Unique Key Per Transaction (DUKPT)

Written by Andrew McKenna, PCI QSA, PCIP at Foregenix The encryption key infrastructure usually ...

Read More

Cyber Security Insights

Jake Dennys
10/09/18 11:37

Using a hosted payment page? This is why you still need to secure your website.

Many companies that host payment pages will boast of their ability to securely process payments. Whilst this may be true, it does not mean that your ...

Read More

Jake Dennys
22/08/18 13:25

Foregenix to join the PCI SSC Global Executive Assessor Roundtable.

We're proud to consider ourselves one of the industry leaders in the cybersecurity arena, and we are constantly striving to share our knowledge with ...

Read More

Akash Sharma
22/08/18 10:50

FGX-Web gets a fresh new look!

FGX-Web gets a fresh new look! Initially, FGX-Web was created to aid our Forensic Analysts in conducting investigations following a data breach. ...

Read More

Jake Dennys
16/08/18 17:12

What can a Website Security Health Check provide you?

Everyday there's another data compromise. Check the news, big breaches are happening all the time - and that's just the high profile ones. It's the ...

Read More

Kirsty Trainer
15/08/18 14:39

P2PE - What are the benefits to retail merchants?

Point-to-Point-Encryption, known to most as P2PE is a standard that is quickly becoming the preferred way for acquirers and merchants to secure ...

Read More