Foregenix Blog

Kirsty Trainer

International Women's Day - Why Are There Less Female Cybersecurity Professionals?


,08/03/18 10:08

As you may be aware, today is international women’s day. Gender equality and inclusiveness have played a prominent role in society over recent years, with a strong call to motivate people to think, act and be gender inclusive. However, women in the cybersecurity industry are still underrepresented, with a large gap between male and female professionals.  

In Kaspersky’s article, they claim that only 11% of cybersecurity professionals are women, and undertook a report to look at the root cause of the issue.

“We found that young women have the skills to enter the industry, and they tend to have positive opinions about cybersecurity’s role in society. They are not, however, pursuing cybersecurity careers, and our research implicates two broad causes: educational guidance and a lack of role models.”

They go on to say that in school, boys are more likely to choose mathematics and IT as their preferred subjects (both of which are common foundations for a career in cybersecurity). The studies into why girls aren’t choosing STEM field subjects are broad and conflicting; but the fact remains that there’s a shortage of cybersecurity professionals, of which could be bolstered by having more women in the industry.

When it comes to the affect of role models, they found that 69% of young people haven’t met anyone from the cybersecurity industry, with only 11% having met a woman that works in the industry. After meeting a fellow female that works in cybersecurity, 63% of women are reported to think more positively about the sector.

If we take this at face value, it would appear that putting more women into the cybersecurity spotlight could contribute to an increase in engagement. However, when you look at speaking events, women are sorely underrepresented.

The RSA conference (one of the biggest gatherings in the industry) has recently come under fire for only featuring one woman, Monica Lewinsky, among 22 keynote speakers. There has been criticism that RSA’s only female speaker is not a cybersecurity expert. She has previously spoken at conferences about internet trolling, but supposedly has no experience in cybersecurity.

Facebook’s CSO, Alex Stamos, tweeted a list of 16 women that could’ve made good keynote speakers at the RSA conference.

In response, a rival conference OURSA (Our Security Advocates) is being set up with the aim of featuring more female speakers. All tickets for the rival event are reported to have sold out.

The UK government has been pushing a female centred cybersecurity scheme (Cyberfirst Girls) into schools to increase the level of engagement and attempt to inspire young women to take up a career in the industry.

There are also non-profit organisations such as Women’s Security Society, set up with the aim to “encourage the advancement of women involved in all aspects of the security industry through the exchange of information and cultivation of productive relationships”. According to their website their objectives are:

  • To share knowledge, provide support and encourage the empowerment and success of women in the security industry
  • To reach out to women in the security industry through networking events and a web based forum
  • To support women specifically working or studying in a security related or management security discipline
  • To be open to everyone across all security disciplines regardless of the experience, position or industry

Whilst these efforts won’t completely solve the problem facing the gap in cybersecurity professionals, it’s good to see that people are aware of the issue; and are beginning to take steps to solve it.


Kirsty Trainer
"Key" to Secure Data - P2PE - Derived Unique Key Per Transaction (DUKPT)

Written by Andrew McKenna, PCI QSA, PCIP at Foregenix The encryption key infrastructure usually ...

Read More
David Kirkpatrick
Penetration Testing: The Quest For Fully UnDetectable Malware

Malware continues to be one of the main attack vectors used by criminals to compromise user and ...

Read More

Cyber Security Insights

David Kirkpatrick
16/03/18 16:31

You are the Weakest Link … Goodbye!

Historically, customers have used penetration testing to test the security of their infrastructure from an external or internal perspective. For a ...

Read More

Kirsty Trainer
08/03/18 13:55

Women of Cybersecurity [#InternationalWomensDay]

Women’s representation in Cybersecurity is often a topic of discussion. As we speak, RSA Conference is being criticized for its lack of female ...

Read More

Kirsty Trainer
08/03/18 10:08

International Women's Day - Why Are There Less Female Cybersecurity Professionals?

As you may be aware, today is international women’s day. Gender equality and inclusiveness have played a prominent role in society over recent years, ...

Read More

Jake Dennys
07/03/18 09:54

Is VOIP The Weak Link In Your Security Chain?

Voice Over Internet Protocol (VOIP) has recently become an interesting talking point in regards to PCI Compliance. If you aren’t taking the security ...

Read More

Jake Dennys
28/02/18 10:05

Why PCI compliance is important as a Travel Agent.

As you may be aware, the regulatory body governing the world’s airlines (International Air Transport Association, IATA) announced some time ago that ...

Read More