International Women’s Day: My Experience as a Woman in Cyber Security

Cyber security is quite a unique and niche industry. It's a fast-growing, constantly evolving, and increasingly critical industry, but at the same time, it faces a significant skills shortage and a consistently large gap in diversity.

According to the UK Government's Cyber Security Skills in the UK Labour Market 2025 report, only 17% of the UK cyber workforce is made up of women.

Throughout my career, I have worked in several male-dominated industries, including the merchant navy and, surprisingly to most, debt collection. Cyber security has by far been the most noticeable.

It's common to walk into meetings and industry events and be the only woman in the room. In fact, in some of my previous roles, I have been the only woman on the team.

When I look back at my education, the imbalance started very early. During my time at school studying IT, there were only three women in the class. While I enjoyed IT at school, I wasn't even aware that cyber security existed or that there was a career path. At the time, I thought a career in IT involved coding or plugging network cables together, which wasn't for me. I spent many years trying different paths to find the right career for me, before I stumbled upon cyber security, and even that was by accident.

I think this lack of awareness plays a role in the gender gap because many people don’t realise how many different roles exist within cyber security. The industry is very broad, including roles like penetration testing, threat intelligence, governance, risk management, engineering, incident response, and even physical security testing, which can involve breaking into buildings and breaching physical security controls.

Challenging the Stereotypes

Another big factor is that technology is generally stereotyped as something boys and men are encouraged to pursue from a young age.

People often associate working in IT with gaming, building computers, or growing up heavily involved with computers. There’s also the assumption that you need to be a coding expert or a mathematician. But in reality, that is not the case.

For example, I have never had any interest in gaming. Whereas my younger brother was heavily into gaming growing up, and the family assumed he would eventually work in IT and be a computer wizard. In reality, it turned out to be the opposite. I ended up working in IT, and he has no interest in working in IT at all.

There isn’t a specific type of person who ends up working in the industry; people come from many different backgrounds, and we need to move past and drop the stereotypes.

How to get into cyber security as a woman

I strongly believe anyone can do anything they put their mind to.

If you want to get into cyber security, the best thing you can do is start learning now. There are more resources available now than ever before.

From a penetration testing perspective, start learning computer science fundamentals to understand how systems and networks work. From there, start working on practical labs to develop hands-on skills and even build your own lab. The internet is full of resources, communities, and people willing to help others learn. I would also add that you might start learning the early fundamentals and then fall into the right path, that’s what happened with me.

I also don’t believe a university degree is necessarily required to get into this industry, so don’t let that stop you (it didn’t stop me, or some of the best people I know in this industry). Continuous learning and practical hands-on skills will take you far, but this is probably a whole topic in itself for another time.

Looking Forward

While cyber security has traditionally been a male-dominated field, things are changing slowly. Interestingly, the company I currently work for is almost entirely women penetration testers, something that would have been incredibly rare in the industry not that long ago.

Hopefully, over time, we will continue to see the gender gap narrow as awareness grows and more people realise that cyber security is a career open to anyone with curiosity and determination.