Less Talk, More Action: Straightforward Strategies to Attract and Retain Women in Cyber Security

Just how exactly do you attract and retain women in cyber security?

Studies showing the importance of diverse teams, specifically gender diverse teams, have been exhausted. Just in case you missed those proven statistics, having gender diverse teams increases team productivity, team performance, and overall team satisfaction.

Now, the focus has finally shifted to how do we actually get more women into cyber security?

Women make up roughly 50% of the global population and 40% of the global workforce, and 24% of the global cyber security workforce.

In the Middle East women make up 35% of the workforce, but only 5% are cyber security professionals.

In order to lift the ratio, we need to concentrate on how to attract women to join the cyber security industry, and once we have women in our teams, how do we keep them?

There are many various attraction and retention strategies, each with their own purpose and fit for different global regions. Without overcomplicating it, let’s focus on just a few straightforward, painless strategies for both short-term and long-term, easily applied globally.

Short-Term Attraction & Retention Strategies

When you’re writing the job advert, emphasize on your company’s culture and behaviours, focus on the benefits and how you support your employees, while keeping the language gender neutral. And please, refrain from having a long shopping list with unrealistic boxes for candidates to tick. Women can be more hesitant to apply for a job with long lists of requirements, especially if they have not had the experience matching 100% of each requirement to deliver on. While men are generally more open to applying for roles where they may meet part of the requirements, then consider the remaining as scope for growth.

We need to recognise transferable skills and how critical they are. Soft skills should have just as much, if not more, focus as technical skills. Studies show that technical skills take less effort to teach and learn than soft skills. Hiring a candidate with strong communication, collaboration, curiosity, adaptability, passion, and critical thinking skills, can be invaluable to your team and organisation’s success. When you’re hiring for a new role, look at the bigger picture, break down the criteria of what makes a candidate successful in that position. Focus on what can be learned and what can’t.

Once you have women working in your teams, how do you keep them?

In meetings, women can be less likely to speak up. Support, encourage, and empower the women in your teams to speak up, make sure they know their opinions are valued.

Apply basic management strategies, recognising that each of your team members have different motivators for remaining loyal. For women these include flexible working hours, remote working, part-time hours, job sharing opportunities, career development, education development and time away from office to complete certifications.

Flexible working strategies are important, as a 2015 study revealed that globally, 75% of unpaid work (such as caring for children and elderly relatives, school runs, household work, just to name a few) is done by women, who spend between three to six hours per day on unpaid work, compared to men’s thirty minutes to two hours per day.

The ongoing pandemic has taught us that working remotely is achievable. 

Long-term Attraction Strategies

For long-term attraction strategies, the answer is cyber security outreach programs. There is a significant lack of communication and outreach programs to address what cyber security actually is, and how it affects us personally and professionally. We need to do more in schools, from primary through to university. Our youths are not given fair opportunity to understand what cyber security is, nor the full landscape of career paths available, both non-technical and technical. 

If we want a fighting chance at change, we need more airtime and more spotlights on the cyber security industry and women already in it. Young girls need female role models they can identify with and make connections with. We need to be giving the spotlight to women with various backgrounds, skills, and education. Shining the light on how there isn’t just one pathway to the same career, while highlighting the full spectrum of careers available and the impact they each have within the business.

Long-term retention strategies are the same as the short-term, however, adding in that you may need to review your company culture and behaviours. Implement time out for volunteer work and paid study leave. Paid maternity leave and return to work programs for women returning from maternity leave, and even looking at subsidised childcare, school fees, and summer programs. Paid paternity leave should also be considered. Gender pay gaps still exist, have a look at your organisation and see if changes need to be made.

Increasing women in cyber security not only increases team performance and productivity, it also impacts the global skills shortage in cyber security and combats ever-increasing cybercrime.


Heide is based in the UAE as Head of Cyber Security Strategy for Polytronic Training Systems, creating innovative essential cyber security strategies and practices required for teams to securely function. Heide is also one of the co-founders of Women in Cyber Security Middle East, established in March 2018 by nine women. Previously based in Australia, she was part of the leadership team for Australian Women in Security Network (AWSN) while also being a FITT (Females in IT&T) Mentor. Heide’s career path evolved from chasing her diverse passions and not being afraid of change. Resulting in her +14yrs experience spanning across 3 continents within varying fields, organically transpiring to where she is today. Her own journey into the cyber security field arose since she was not made aware of the importance of cyber security or presented with opportunities in her youth education, nor her early career to engage in the field. She sought out and pursued these opportunities herself and used her own experiences to increase female presence in cyber security. Heide is committed to ensuring that women of all ages have the opportunity presented to them on how they too can get involved in cyber security, contribute and be heard.