The celebration of International Day of Women and Girls in Science on 11 February is a good time to reflect on why women remain woefully underrepresented in science and technology, despite a staggering shortage of these skills in South Africa.
In cybersecurity specifically, a lack of diversity creates blind spots that organisations can no longer afford in an era of sophisticated cyber warfare.
According to StatsSA, women represent only 23% of the STEM (Science, Technology, Engineering and Mathematics) workforce in the country.
“This is often characterised as a ‘leaky pipeline’ where representation declines sharply from university, where only 13% of STEM graduates are women, through to professional leadership where the percentage is even smaller,” comments Anna Collard, senior vice-president: content strategy amd CISO advisor at KnowBe4 Africa.
In the country’s ICT sector, research from the Institute of Information Technology Professionals South Africa (IITPSA) shows that while women represent roughly 40% of employees, this drops to about 25% for core technical roles like cybersecurity, engineering and software development.
The gap is most severe at the executive level, with women holding only 5% of CEO positions in ICT organisations, according to the South African Institute of International Affairs (SAIIA).
Stereotypes hold women back
One of the primary reasons women remain underrepresented is the persistence of deep-seated cultural beliefs that label STEM disciplines as traditionally male domains.
“There is still an outdated perception of what a technical career looks like, who belongs there, and how expertise is measured,” asserts Collard.
These barriers often start long before the recruitment phase. Limited access to quality maths and science teaching in public and rural schools hinders foundational skills, while a lack of early exposure often results in a ‘confidence gap’ that persists into adulthood.
The strategic value of the ‘social engineering radar’
Far from being merely a diversity goal, the inclusion of women in cybersecurity is a strategic advantage. Diverse teams are statistically proven to be more risk-aware and better at problem-solving. This is particularly true when managing the human element of security.
“Women tend to bring a unique ‘radar’ to the team, especially regarding social engineering,” says Collard.
Superior communication skills, high emotional intelligence (EQ), and a tendency toward fostering genuine relationships helps detect and neutralise the psychological manipulation that defines social engineering attacks.
These skills can obviously be present in both males and females, but while traditional cyber defense often focuses on hard technology, women tend to bring a more holistic, people-oriented approach that complements male-dominated technical perspectives.
In a modern Human Risk Management (HRM) framework, diversity of thought is an invaluable security control. Attackers do not just target systems; they target people. If a security team does not reflect the diversity of the people being targeted, their collective blind spots grow.
Expanding organisational focus beyond traditional Security Awareness Training (SAT) toward a more holistic approach is becoming ever more important. This HRM model recognises that managing risk requires the seamless intersection of people, technology, and processes.
“Hiring women makes organisations more resilient,” asserts Collard. “Research from the National Cybersecurity Institute found that organisations with at least 30% women in their cybersecurity teams experienced 40% fewer security incidents.”
By integrating diverse perspectives, organisations move from a reactive ‘detect and defend’ posture to a proactive management of human risk. According to a 2025 study, the skills more prevalent in women such as innovative thinking, empathy, communication, flexibility, mentorship and resilience often give them the edge in cybersecurity.
Redefining the pipeline
In celebrating International Day of Women and Girls in Science, UNESCO has chosen as its theme this year “From Vision to Impact: Redefining STEM”. It aims to leverage emerging technologies such as artificial intelligence (AI) to promote gender equality and foster women’s leadership in scientific entrepreneurship.
“There are many ways in which girls and women can be encouraged to pursue STEM careers,” says Collard. “The key is early exposure and hands-on learning as girls, followed by mentorship after graduation to fix the leaky pipeline. Also, visible role models are important – if you can see it, you can be it.
“By providing a supportive environment and challenging unconscious bias in the workplace, companies can attract diverse talent, ensuring they stay ahead of the cybercrime curve.”