With the demand for new cybersecurity talent growing faster than the supply, there is no shortage of professional opportunities. In fact, the number of unfilled cybersecurity jobs grew by 350 percent, from one million positions in 2013 to 3.5 million in 2021, according to Cybersecurity Ventures. If steps aren’t taken to close this gap, the research organization predicts we’ll have the same number of openings in 2025, which is enough to fill 50 NFL stadiums.
Despite the wide-open cybersecurity field, women continue to be underrepresented, accounting for just 25% of the workforce. While the number of cybersecurity jobs held by women continues to grow, it’s still far too low.
To inspire more women to consider cybersecurity as a career path, I asked a talented group of security professionals, who work in various industry roles, for advice based on their own experiences. Here’s what they had to say:
Become a Subject Matter Expert; Never Stop Learning
Across the board, the women stressed the importance of education in cybersecurity and becoming a subject matter expert.
Shira Sagiv, vice president of product marketing at Radware, recommends, “To become a professional in what you do – learn the space, the market, understand the trends and challenges, and voice your opinion. If you become a subject matter expert in your area, you will be seen first as a professional and be asked to provide your opinion. Don’t be afraid to go deep in your education, even if it seems too technical. It will give you the knowledge and confidence to speak. Show your value and be confident in it.”
In a field like cybersecurity that is constantly evolving, ongoing education is essential. Certifications and online programs can be great resume boosters. If you are looking to advance to senior levels in cybersecurity, a more formal degree is also valuable. It can not only fill in gaps in your technical background but also help you sharpen leadership and management skills that are important in navigating a rapidly changing industry.
Nikki Peever, director of cybersecurity at CAUDIT, encourages her peers to rely on each other and to stay current in their field. “In cybersecurity, we are stronger if we collaborate and work together. Building connections with like-minded individuals will enable you to flourish professionally and expand your own knowledge. Also, never stop learning. Cybersecurity changes regularly, and threats evolve constantly, as do our best practices techniques and technologies. Make sure you continue to educate yourself and listen to the leaders and third parties at the bleeding edge of innovation to learn about what is on the horizon.” It's important to note, however, that there isn’t any single educational path laid out for cybersecurity professionals. So don’t count yourself out of the running for an opportunity if you don’t have a technical background or an advanced degree in cybersecurity.
Cat Morgan, channel development manager at Westcon-Comstor, is a perfect example. “Like many, I came to cybersecurity in a roundabout way and almost by accident. As a non-technical salesperson, I am blown away every single day by the deep knowledge of my customers, partners, and colleagues in this space. I’d love to see more women in cybersecurity. And I am proof that you don’t need to be technical to succeed, but you do need to have a love of learning. If you’re organized and know how to utilize the resources available to you, you can be successful in this fast-growing space!”Believe in Yourself
Just as important as education is to a successful career in cybersecurity, so is having confidence in yourself. Some of this confidence is built simply as a natural outcome of training and experience. Another way to gain confidence is to proactively reach out to other women in the field and develop new relationships. Role models and mentors are incredibly important in inspiring and supporting people in underrepresented groups to first, consider the field, and second, join it.
If you’re new to cybersecurity, it’s easy to understand how it might be perceived as an intimidating profession, especially if you have little or no experience in the field. But with the right mindset, determination, and support system, cybersecurity can be an accessible and rewarding career.
Peever speaks from her own experience, “When entering a new field, it’s normal to feel insecure or doubt your ability until you gain competency and experience. Entering a male-dominated field as a woman can certainly amplify these feelings. Currently, only approximately 25% of those in cybersecurity are female, and it’s even less for those in leadership positions. If you are starting out and have feelings of inadequacy or doubt, you should seek out active cybersecurity communities and attend relevant events to connect with peers.”
Sagiv had similar words of encouragement. “Don’t be afraid to speak up in a room full of men. You will often find yourself in these situations. Believe in yourself and in your knowledge and speak up to voice your opinion. If you take care of being a professional, your opinion will be valued.”
Pursue Organizations Committed to Diversity, Equity and Inclusion
In addition to offering advice to women considering a career in cybersecurity, my sources also shared recommendations for what companies can do to attract more female talent into the cybersecurity field.
As an industry, we must do a better job of making people aware of the options and opportunities available to them.
As Peever notes, it starts with recruiting. “It’s important to be specific in job advertisements regarding required versus desirable attributes. Research shows that women tend to only apply for positions where they meet all the requirements in the advertisement. IT and cybersecurity positions often list an extremely broad range of expectations, even if only some are necessary to be successful in the position (i.e., multiple programming languages, compliance knowledge, etc.), which is likely to reduce the number of women applying for these roles.”
Chief People Officer Riki Goldriech from Radware agreed and went on to say, “You can’t be what you can’t see. That’s why it’s important for organizations to highlight women in their company communications. For example, use pictures of women in recruiting ads, as well as share testimonials, success stories, and advice from female employees on career pages and social channels, such as LinkedIn.” She also said, “Companies should promote the many advantages for women interested in careers in cybersecurity. While it is a male-dominated field today, it offers meaningful benefits, such as flexible hours and hybrid work. Some companies have adjusted recruiting ads accordingly and even their hiring processes.”
Where There is the Right Balance, We Achieve More
In a field that is highly technical, it’s important not to lose sight of the people's perspective. If we don’t put people first and create a more diverse workforce, we clearly won’t be able to address the talent shortage. But there are other consequences that might not be as obvious at first. Without diversity in the workforce, for instance, we lose out on the value that comes from having people with different life experiences problem-solve and contribute more agile ideas at a time when cyberattacks are increasing in scale and severity.
