The cybersecurity industry, facing a skills gap of millions of people and grappling with soaring demand for solutions and services, needs female applicants more than ever. Yet, unconscious gender biases have resulted in women either being excluded or choosing not to enter the industry at all.

This is according to Julie Noizeux Inder, channel manager for South Africa at Fortinet, who was speaking ahead of International Women’s Day today (8 March).

Cybersecurity offers a wealth of job opportunities for women, she says. In fact, the 2022 Cybersecurity Workforce Study, (ISC)2 found that 3.4 million more skilled cybersecurity professionals were needed globally, and this gap is growing as cyber threats proliferate. Yet despite the skills gaps and bountiful opportunities available, the cybersecurity sector is still largely male dominated.

Inder says: “There is still a huge gender imbalance in cyber security, even though we do see more young women entering the sector. The (ISC)2 Women in Cybersecurity Workforce Report finds that women working in cybersecurity account for only around one quarter of the overall workforce globally. Even in the under-30 group, women represent only 26% of the cybersecurity workforce.”

Inder points to bias, exclusion and discrimination as some of the reasons for this.

“I grew up with parents and relatives working in IT, yet I thought for years that it was a man’s world. I was in my mid 20s when I realised there was an opportunity for me in IT. I think many women in my generation thought the same, and it’s only really in the last 10 to 15 years that things started changing,” she says.

However, she believes the change must be accelerated: “We all need to make a conscious effort to make a change.”

The latest (ISC)² Cybersecurity Workforce Study found that while gender pay gaps are closing, many female cybersecurity professionals still believe they earn less than their male counterparts.

Fortinet is a strategic partner of Women in Cybersecurity (WiCyS), an international organisation launched in 2013 to recruit, retain and advance women in cybersecurity to build a robust and diverse cybersecurity workforce. WiCyS notes that there are diverse groups of people attacking cyber infrastructure, therefore diverse individuals are needed in cyber defence.

The first phase of a new State of Inclusion of Women in Cybersecurity report by WiCyS finds that women in the field feel disrespected, excluded and unable to get ahead, with 83% of respondents sharing at least one experience of exclusion.

Inder says many women working in the IT and cybersecurity sectors encounter occasional disrespect or exclusion.

“For example, in a meeting, men and women alike may assume you are attending to take the minutes, or in a marketing capacity. Many people just take for granted that women don’t work in a technical capacity,” she says. “In recruitment drives, those interviewing candidates may show unconscious bias too. You need to be conscious of a tendency to choose people similar to you in terms of gender and interest, and make an effort to build more diverse teams.”

Women often bring much-needed softer skills such as collaboration, critical thinking and problem solving to the mix, Inder says. “Women are just as capable technically, plus they may also bring different ways of thinking and new dynamics to the team,” she says.

Inder points out that there are more roles in cybersecurity than just technical positions. “There are roles such as sales, marketing and channel managers. Female professionals might enter the sector bringing their experience in one of these areas and go on to develop technical skills in their new role.”

Inder says the cybersecurity gender gap may begin in early education. “I think all children are equally exposed to digital technology, but there is likely economic inequality that means some children have less access than others. The lower income children with no access will suffer as they grow up and try to access higher education, and traditionally the girls will be the ones who suffer the most,” she says. “The belief that cybersecurity is a man’s world must be challenged and changed from an early age,” she notes.

She also calls on women to explore the opportunities available to them in the industry. “There are jobs for anybody in this sector. There are so many areas where women can bring value through the experience they have gained in other sectors. They can evolve their role and enter more technical tracks later, because most companies offer technical training and certification opportunities.”