Modern Workplace

Representation matters: How to attract, recruit, and retain women in cybersecurity

Mar 03, 2022
Women in cybersecurity

International Women’s Day and Women’s History Month provide the opportunity to celebrate women's achievement, encouraging all of us to raise awareness against bias and take action for equality. At Zscaler, we strive to foster a corporate culture that is welcoming, engaging, and fulfilling for women and traditionally-underrepresented populations.

Most cybersecurity companies embrace the ideals of parity and equity, but despite our industry’s noble aims, we can do more. Attracting, recruiting, and retaining women in our industry remains a challenge. There is call for some optimism, however. The technology industry continues to lead in percentage of women hired into senior management roles. But that progress demands context: IT’s percentage of women in all roles lags behind other industries.

Our industry’s lack of diversity is antithetical to its success: Cybersecurity succeeds when blind spots are eliminated. Seeing the complete threat landscape picture requires the combined vision of every possible set of eyes. In a recent article for Fast Company, contributor and Gusto Chief Security Officer Fredrick Lee noted, “In order to prevent attacks, the security industry needs to understand the psychology and behavior of all users, not just those from a single background.” 

“Equity, then equality.”

Diversity in thought and experiences are fundamental to securing the modern enterprise. In the battle against cyber adversaries, diverse perspectives contribute essential, differentiated abilities…

  • …to target and identify the ever-fluctuating cyber risks and threats.
  • …to analyze and identify how to approach and mitigate threats.
  • …to develop structured methods, communication tactics, and oversight to address threats.

To get to this ideal, we must ensure an equitable working environment. And that’s fundamental to achieving an equal one, says Nicole Darden Ford, VP and CISO at Carrier.

"'Equality' means a group of people are given the same resources or opportunities," explains Ford. "'Equity' goes further to recognize that each person has different circumstances and barriers. You must first ensure equity before equality is even achievable.”

In addition to delivering better service, technology organizations that commit to gender diversity in executive teams attract and retain better talent. (Oh, they also see higher profits.)

Three powerful words for the future of women in tech: attract, recruit, retain

Leaders in the tech community – like Nicole, like me, and like every other executive out there – have a responsibility to improve gender representation in our organizations. That responsibility isn’t just to society. It’s to our customers, our partners, and our shareholders. To bring (and keep) women in cybersecurity, leaders like us must focus on attracting, recruiting, and retaining talent. Below is my counsel to leaders like us (and even leaders not like us) seeking to drive change.


  • Get clear on an organizational diversity, equity, and inclusion (DEI) strategy. That plan should articulate priorities, goals, and impact to candidates; and emphasize programs and opportunities available to meet a candidate’s intersectionality needs (such as a flexible work schedule to accommodate familial caregiving requirements).
  • Invest in diverse STEM pipelines for youth. We can’t attract qualified women if there aren’t any. We must build a community of next-generation IT leaders. That requires immediate investment in STEM educational programs that generate a curiosity in technology and begin instilling foundational cyber skills.
  • Prioritize inclusion. “Belonging” must be foundational in our organizations. We can offer peer connection opportunities so employees become our strongest recruiters.


  • Source candidates from non-traditional channels. We need to meet candidates where they are: professional associations, community colleges, social media, etc. 
  • Nurture partnerships with train-to-hire organizations. Organizations like iRelaunch identify and train passionate women committed to expanding their technology expertise. That creates a community of new experts willing to work within a new industry
  • Ensure hiring panels are diverse. Your organization will be better attuned to the needs of diverse candidates if your hiring panels are diverse. Include leaders who can speak to gender parity, organizational DEI efforts, and gender bias concerns


  • Develop roles that connect business and cybersecurity. This will deepen business knowledge on your team, and prepare employees for growth and advancement (even if that advancement occurs outside of tech).
  • Create upskilling/reskilling programs. These should include learning tracks and on-the-job shadowing opportunities available to grow knowledge and improve performance. 
  • Offer flexible working arrangements. Support individuals as personal situations change and with struggles to meet standard working hours. Help identify and offer temporary flexible arrangements to prevent attrition out of the workforce or alternative employment options.
  • Invest in mentorship programs. Mentorship programs create connections, and can set employees up for success. Advocate for sponsorship opportunities designed to elevate women in leadership. Engage women in other business teams to gain exposure across the cybersecurity and technology groups.
  • Develop a career committee. Create a team of organizational business and technology leaders to offer career development advice and support to women leaders, all independent of performance reviews.
  • Create internal organizational goals to advance women in leadership. Just as important, commit to an action plan to achieve these goals.
  • Encourage internal open communication and transparency. Share diversity metrics. Provide visibility to help your organization drive change

Diversity delivers tangible value to technology organizations with more comprehensive threat protection and better performance. We can, and must, support the cause of women in cybersecurity. I challenge everyone reading this to commit to a gender-parity roadmap and to doing everything possible to ensure the achievements of women in your organization. Our success resides on the collective efforts of not just individuals, but on organizations who prioritize diversity, equity, and inclusion - organizations committed to social responsibility and the wellbeing of its people.   


What to read next

Challenging generations-old beliefs key to advancing women in technology

7 Rs to employee engagement 

Stronger together: the role of coaching and mentoring in leadership transitions