Cybersecurity is one of the fastest-growing industries globally, yet it continues to struggle with a major issue: a lack of women and intersectional diversity. Grace Hopper, a pioneer in computer science and U.S. Navy rear admiral, developed the first compiler and contributed to the creation of COBOL, making programming more accessible for all. Katie Moussouris, a computer security researcher, founded Luta Security and played a huge role in creating Microsoft’s bug bounty program. Mary Ann Davidson is the Chief Security Officer at Oracle and has significantly advanced software security assurance processes. Despite these trailblazing efforts, women remain underrepresented in tech.

Let’s lay out the obvious: the workforce is still predominantly male, with women making up only 23%. This number drops even further when looking at leadership roles, and the barriers are even steeper for women of color, LGBTQ+ professionals, individuals with disabilities, and other underrepresented groups.

You might think, “I just want the best candidate for the role.” But if the system unintentionally filters out qualified talent, are you seeing the best?

This isn’t just about diversity, this is about SECURITY. Cyber threats constantly evolve, and approaching them requires diverse perspectives. Are you going to ignore massive portions of the talent pool to defend against these complex, advanced threats?

The Numbers: Where We Stand

Despite some progress, cybersecurity still faces LARGE gaps in representation that must be addressed.

• Women represent 17.9% of the cybersecurity workforce; within this demographic, Black women represent about 9% of overall cybersecurity roles globally.

• In 2023, only 14% of CISOs were women.

• People who openly identify as LGBTQ+ only make up around 2-3% of the tech industry.

• On average, women in cybersecurity report earning about 29% less than their male counterparts.

• A study by the Center for Cyber Safety and Education found that 51% of women in cybersecurity have experienced discrimination in the workplace.

Why Intersectional Diversity Matters

1. Diverse perspectives

   1. Varied viewpoints, experiences, problem-solving all enhance creativity and innovation.

   2. Including but not limited to women of color, LGBTQ+ women, women with disabilities, and women from other marginalized or underrepresented groups

2. Reduced bias in technology solutions

   1. Bias in AI and other technologies may inadvertently disadvantage multiple marginalized groups.

3. Improved company culture

   1. Inclusive work environments improve morale and foster mentorship, collaboration, innovation, and they make organizations more attractive to ALL talent.

4. Companies with diverse teams are 39% more likely to outperform their competitors!

Barriers to Entry and Advancement

• Toxic work culture and biases

• Imposter syndrome

• Depictions in the media (lack thereof)

• Underrepresentation in STEM and educational programs

• Economic barriers and wage disparities

How to Fix: Call to Action

For Companies and Hiring Managers

1. Revamp job descriptions

   1. Focus on skills over degrees and certifications.

   2. Remove gendered language and unnecessary experience requirements.

   3. Showcase commitment to diversity, equity, and inclusion initiatives within the company, like DEI programs and ERGs, in open job listings.

2. Improve hiring

   1. Ensure diverse interview panels.

   2. Use anonymous resume reviews to reduce unconscious bias.

   3. Be transparent about salary ranges to help close pay gaps.

3. Create inclusive workplaces.

   1. Establish clear policies against harassment and discrimination.

   2. Offer flexible work arrangements to support work-life balance. This isn’t just about parents; EVERYONE deserves work-life balance.

   3. Implement employee resource groups and mentorship programs aimed specifically at intersectional communities (e.g., Womxn-plus, LGBTQ+, neurodiversity, BIPOC, disabled professionals).

   4. Intersectional policies, accommodations, and benefits such as mental health support and healthcare benefits that consider the healthcare needs of all.

4. Address bias in technology

   1. Actively work to eliminate biases within technology (AI, other software) that disproportionately impact women of color and trans women, like Smart Appearance video conferencing software that addresses issues like skin tone and gender representation.

   2. Ensure testing and validation processes include diverse perspectives.

   3. Advocate for inclusive design principles in cybersecurity solutions.

For Allies and Mentors

1. Advocate for diverse talent.

   1. Invite AND ENCOURAGE marginalized professionals to speak at conferences and contribute to panels.

   2. Actively recommend and refer underrepresented employees for promotions and new opportunities.

      1. Support initiatives like The Mom Project and Fairygodboss that help connect women with professional growth resources.

2. Challenge bias in everyday interactions.

   1. Speak up against exclusionary behavior, unconscious bias, and barriers that limit opportunities for underrepresented groups.

   2. Challenge outdated stereotypes about who belongs in technology and cybersecurity.

3. Encourage early engagement in cybersecurity.

   1. Partner with organizations like Girls Who Code, Women in CyberSecurity (WiCyS), Black Girls Hack, Raices Cyber, and Women in Security and Privacy (WISP).

   2. Support programs like or mentor local high school students and younger in cybersecurity.

4. Model inclusive leadership

   1. Demonstrate inclusive behavior by actively listening, valuing diverse perspectives, and fostering an environment where all voices are heard and respected.

   2. Set the standard for others to follow.

Conclusion

Cybersecurity isn’t just about technology, it’s about people. The question is: are we building teams that reflect the people we’re protecting?

What’s one thing you’ll do this week to make cyber more inclusive? Review a job description for bias? Recommend someone awesome for a panel? Mentor a future hacker?

Drop it in the comments and share this post to help drive progress in cybersecurity.