The shortage of women in tech is especially pronounced within the field of CybersecurityFeatured

daniellekraft's profile thumbnail
I have always been interested in cybersecurity, would love to attend the Diana Initiative conference one day!
ginnyfahs's profile thumbnail
Thanks for this post. I've been interested in Cybersecurity recently and trying to get my feet wet in the field. Are there any readings or online courses in particular that you recommend @MayDay?Also, for those interested in this subject -- I loved Emily Chang's recent op-ed which argues that we need to start thinking about digital privacy and cybersecurity as women's issues:
MayDay's profile thumbnail
On my reading list is “The Smart Girl’s Guide to Privacy” by Violet Blue. I am curious on her advice on navigating this topic. As far a courses go, I like to recommend any that cover a broad understanding of Cybersecurity (i.e. not throwing you in to hacking tools or crypto with no background). The courses on cybrary allow you to search for beginner level courses on this (what is Security, security engineering principles), and I’ve heard many people give it positive reviews for ability to follow and understand. Ted Talks on ‘cyber’ are a good way to hear about different aspects of Cybersecurity (hackers, cybercrime etc.). YouTube channels: Infosec, Virginia Cyber RangePodcasts: Security Now, Command Line HeroBlog: Krebs on Security
ginnyfahs's profile thumbnail
Incredibly helpful list. Thanks for taking the time to reply so thoughtfully! Planning to dig in with the resources you mentioned this weekend :)
kelevraminty's profile thumbnail
I want to advance in this field, currently going through the CISSP course on cybrary, but i need a pointer, a guide, a mentor so that i don't derail.
MayDay's profile thumbnail
Check out they have a good tool that shows pathways to take your cyber career and info about salaries, education/skill sets most requested for each job. There’s also a map that shows area of the US where they are most in demand/shortage. For mentorship- there are a few organizations that have formalized programs:Executive Women’s Forum (pairs junior women with senior women)Women in Cybersecurity (WiCyS) (theirs is to be launched this year)Another idea would be to reach and join an organization, many have junior/student memberships:ISSAISC2Women’s Society of Cyberjutsu
Vidya's profile thumbnail
LOVE this plea to get more women into cybersecurity. For me at least, there is a daunting amount of things to learn and so many folks who have been at it longer that sometimes it makes me feel like I am an imposter in this space - even though I've been working in it for nearly 5+ years. Attending conferences like defcon and going to the noob sessions have been great to help me feel like I have a community, but being the only woman at my startup demonstrates the shortage you've alluded to and importance of bringing more women into the field!
MayDay's profile thumbnail
Yes! I am far too often the only female or the only non-secretary female in the room. Finding that supportive community has shown me that while I am the only one present at the moment, I am not the only one in the field. I have always felt that everyone knows way more than me (most folks I work with have 10+ years on me), and I try to think of it as 1) everyone else also felt this way when they started 2) in this field everyone is constantly learning because it changes so quickly 3) no one knows it all, if so, they are pretending they do ;)
elptacek's profile thumbnail
I am trying to hire more women (our first hire was female, and I found her), but I practically have to sit on !male people that I know to get them to apply. Also, I've been working in this space for 30 years, and IME, you never stop feeling like an imposter, but you can become comfortable with the feeling, over time. Remember that we are on the bleeding edge of what is going on in the world and often find ourselves dealing with things that have never existed before. Each challenge requires us to come up with a valid test plan on the fly for every new idea that gets dreamed up by devs and devopses. It's a never ending stream of failures and despairs, and it's very easy to overlook all the bad stuff that didn't happen because of the work you've done.Though sometimes I've seen what some sites have become and I regret testing them a decade ago. Nothing I can do about that, now, though.
Cdikibo's profile thumbnail
I'm currently fighting hard trying to stay in the cybersecurity field, but I'm having a time getting past the door.
MayDay's profile thumbnail
Hit me on LinkedIn if you are open to discussing!
Gentry's profile thumbnail
I run a computational cybersecurity/threat intelligence company and I'm always hiring full stack developers, deployment/customer success reps with IT backgrounds, data scientists and sales. Must be a US citizen, able to pass security clearance, and work here in DC.
czawolf's profile thumbnail
This is such an excellent post. It was particularly insightful for me as a young woman, with a start-up called 3A Security (, that I hope will expand into a much larger cybersecurity-focused business. I completely agree with the things mentioned above- and the statistics puts everything in so much perspective. From experience, it is really intimidating at first as most mentors I've been assigned have been older, white men, and a lot of the discussions I'm having have been with and in front of men. As someone who is a lot younger and also a female with limited help from other women in the specific field of cybersecurity, it's been difficult to be taken seriously! It would be amazing to get to work with "seriously cool and smart women". So thank you for the links you provided! 🤞🏽
kimberrleigh's profile thumbnail
My Masters is in Information Security, but I've never felt confident enough that I know any of the technical side of it - especially since I got my Masters 7 years ago and times have changed! And most of the cybersecurity/InfoSec positions within my company require some of that technical knowledge, so it's a barrier for me to even apply for those positions.I love the human side of cybersecurity, as in social engineering and human behavior but I don't even know where to start professionally being able to dive into that. Any advice?
MayDay's profile thumbnail
The social engineering and security usability aspects are super important- it’s essentially a company’s first line of defense. For some inspiration, check out Kevin Mitnick’s The Art of Deception (written way way back in 2003), and any of the work done by Dr. Lorrie Cranor. She founded Wombat Security which focuses on security awareness and training. And if you want to test out your skills and meet others with this interest, DEF CON hosts a Social Engineering Village and CTF totally focused on this skill.
MayDay's profile thumbnail
Part 2: my favorite story out of DEFCON is how one guy meet his future wife there- she socially engineered him on the ‘hack the badge’ competition.
dmontague's profile thumbnail
Yes! Great post. I've been in Cybersecurity for almost 5 years, and although I am in a job I love now, the initial transition into security was not easy. Despite having 15 years of IT experience, I jumped into Infosec laterally and did not fully understand the breadth of what I was expected to know and do. That led to major imposter syndrome, a huge drop in my confidence, and I ultimately left that position feeling horribly unsupported and demoralized. Enter my next job (where I currently am) and my confidence has built back up because I feel supported and respected. It is a complete 180, and so much of it had to do with finding a good fit, and a having a mentor or boss that can help you find your footing and recognise your strengths. That, and having a community to turn to, via meetups, or even on Reddit or Slack (or here!). Of course, this is important in any field, but Cybersecurity is kind of crazy in that there are infinite paths you can take (any one of which could take years to fully master) and that can feel very overwhelming to a newcomer. This is like saying you work in "the medical industry", where you are simultaneously a lab tech, radiologist, researcher, surgeon, and an EMT. However, it is BECAUSE of this breadth that I really feel there is a place for EVERYONE in Cybersecurity, no matter your interest or past experience. It is hard to know where to start, but finding something you are naturally interested in, or thinking of something you're already good at, is a perfect seed from which to grow your skills. I'm happy to be a resource for beginners or anyone interested in the field not knowing where to start!
MayDay's profile thumbnail
Yes! I love the analogy of “the medical industry” it’s totally true. What’s important is that everyone coming into this field has a different background, different perspectives and different experiences and honestly you need that because the ‘cyber world’ is not one dimensional and simple.
Briannaj's profile thumbnail
Great post! Thanks for writing it up. Would love, love, love to see more women in cybersecurity!I've been in the information security industry for 10+ years, and think its great (I just love it though!) but can be really tough as a woman. I've worked in incident response, corporate security, and just about all facets of security for a cloud company at one point. I currently run the Red Team (emulating hacker threats against the company) at Atlassian and it is a massively fun job. For anyone who is looking to stay in cyber, move into cyber, or advance their career in cyber just a call out that we have jobs open across all areas of security including production security/engineering, corporate security, ecosystem security (marketplace), incident response (security intelligence), offensive security (Red Team!), and more. They range in experience levels from intern to manager so no matter your experience level, we are looking to hire! It's one of the best companies I've worked for in terms of values and culture and is highly supportive of inclusiveness in the workplace. I'm also open to setting up some mentoring groups possibly in the future. You can message me on linked in if you would like more information about jobs or mentoring! Wishing the best of luck to all you cyber warriors XD
mintlodica's profile thumbnail
I feel this. I'm currently a manager for the Product Design team at Cloudflare. We've made strides recently on my immediate team, 4 womxn joined the past 2 months! But the co as a whole is very male dominated.
MorganLucas's profile thumbnail
I've been trying for 3 years to get any job in the industry. IT, Help Desk, or otherwise, to no avail.When they start mentoring people, when they start accepting that the shortage will continue until they hire willing people and train then up, maybe they'll solve the problem.Not everyone in IT is fit to be in Cyber - I find the pressure to be almost panic attack inducing at this point in my life - but they are dooming themselves.
Vidya's profile thumbnail
Agreed on needing to invest and being willing to train people - seemingly at odds with startup life of moving fast... We are trying it out with an intern to see how it impacts the team and if we can still hit deadlines. Let's see what happens.