March is a meaningful month for me personally as we honor Women’s History Month and International Women’s Day. Some of the most powerful role models in my own life are the women who raised me and the community of women who’ve provided the support and encouragement that continues to empower me to believe that I can be anything I aspire to. In security, this is particularly important because women are still underrepresented and so critical to the future of our industry. I’ve had the great fortune of working with many wonderful women throughout my career and one of the things I find so often to be true is that the path to a career in security does not have to be a linear one. There is no right way to come into this industry, no one background or training ground required. In fact, diversity of experiences and perspectives are the critical secret sauce to building a safer world for everyone.
Here are just a few examples of incredible women at Microsoft who may never have envisioned cybersecurity as their destination when they were starting out:
“Threat intelligence is about taking subjective information and turning it into objective protections. Ultimately, it’s data-driven intuition and it’s extremely powerful. Women learn this skill early, and in so many areas of life they’re natural threat intelligence analysts.”
—Sherrod DeGrippo, Director of Threat Intelligence Strategy, Microsoft
These cyberdefenders work every day to keep our world safe and also support and mentor other women to create their own trails and pathways. I invite you to follow them on LinkedIn and attend the Women in Cybersecurity (WyCiS) conference presentations and RSA Conference, where many of these amazing women will share their stories over the next few months.
A huge opportunity still exists to welcome more women into cybersecurity. More than 4 million cybersecurity jobs are available globally.2 These are roles that women can help fill and triumph in, but we must lay the groundwork to make such roles an attractive and available career option, and to help change the perception of what it takes to succeed.
While there’s been steady progress over the past few years, women fill just 21% of cybersecurity leadership roles and only 17% of board member positions in cybersecurity.3 In 2022, Microsoft Security commissioned a survey to explore the reasons behind the gender gap in cybersecurity skills. Just 44% of women who responded said they feel adequately represented in the industry.
Several factors contribute to fewer women joining the cybersecurity profession than men:
By fostering an environment that welcomes women into cybersecurity, we break down barriers and build stronger, more resilient cyber defense mechanisms. Diversity isn’t about filling quotas; it’s about building resilient, innovative teams capable of outthinking and outmaneuvering cyberadversaries. It’s up to us to shift the view that cybersecurity is too demanding—especially as AI can help to alter this balance. And it’s past time to change the perception that cybersecurity is a field of hacker men in hoodies in their basement.
We need to continue to be role models and allies for underrepresented groups, especially for those from underprivileged backgrounds. There is often no easy way for underprivileged aspiring entrants to practice their craft from a young age and eventually enter science, technology, engineering, and mathematics (STEM) fields, regardless of other factors. To change this, we need to invest and support the many not-for-profits that help those from underprivileged backgrounds.
During the past year, Microsoft has partnered with many organizations similarly committed to building a more diverse cybersecurity workforce. One huge way these organizations are doing that is by offering training to girls so they can become the next generation of cybersecurity professionals through programs like GirlSecurity, TechTogether, and IGNITE Worldwide (Inspiring Girls Now in Technology Evolution).
Another initiative we support through partnerships offers training to women interested in switching careers or upskilling their cybersecurity knowledge through programs like WiCyS and Executive Women’s Forum (EWF). We also partner with global education programs, including CyberShikshaa in India and WOMCY in Latin America, to empower women and minorities in cybersecurity.
These programs and initiatives have a tremendous impact on encouraging more girls to consider careers in cybersecurity and getting more women to join the cybersecurity workforce. Among other benefits, they help girls and women build confidence, meet female cybersecurity role models, develop or enhance their skills, and gain experience to add to their resumes.
To further develop women’s careers, Microsoft Philanthropies and Women in Cloud jointly sponsor the Women in Cloud Cybersecurity Scholarship to provide women with structured skills development, certification opportunities, and employability readiness coaching. By 2025, more than 5,100 scholarships will be awarded.
The momentum is due in part to community-wide efforts to increase the number of women and diverse employees in cybersecurity roles. Community organizations like Blacks in Cybersecurity (BIC) and WiCyS play a crucial role in providing pipelines for marginalized groups to enter the cybersecurity field.
AI is revolutionizing how we approach cybersecurity, from predictive analytics to automated threat detection. Yet beyond algorithms and data models, there’s an urgent need for human insight. According to a study from Utica University, women with their unique perspective also have strong analytical and problem-solving skills, which are essential for identifying and addressing security threats, and tend to have a more risk-averse approach, which can help to reduce the likelihood of human error in security operations.4 These unique perspectives help to shape our AI for security and help to ensure that AI is inclusive, fair, reliable, and safe, transparent and inclusive. We also believe that creators of AI, as well as its users, must hold themselves to a standard of accountability. And within that context, the possibilities for this exciting technology are limitless.
Happy International Women’s Day! While progress is being made—and opportunities are opening—for women and minorities in cybersecurity, much can still be done to overcome barriers to entry for these groups. Let’s continue to work for more representation in cybersecurity by forging new paths with more allies.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.
1Women to Watch in Cybersecurity, Forbes. October 26, 2022.
2How the Economy, Skills Gap and Artificial Intelligence are Challenging the Global Cybersecurity Workforce, ISC2. 2023.
3International Women’s Day: Only One-Fifth of Cybersecurity Leadership Roles Filled by Women, IT Security Guru. March 8, 2023.
4Why we need more women in cybersecurity TechBeacon.