Header image

Four Years on From Fatima: Does More Women in Cyber Offer Better Diversity?

With more than 4000 more women working in cybersecurity, why is there still a gender diversity issue?


Cybersecurity is reportedly the UK’s fastest growing IT job, but the percentage of women in senior roles is declining.

According to research by Socura, cybersecurity is now the fastest growing tech occupation in the UK: the number of people in cyber roles increased by 128 percent between 2021 and 2024.

It also found that despite there being 4,600 more women in cybersecurity roles in 2024 compared to 2021, the percentage of women in cybersecurity roles has decreased overall.

“Attracting more workers, particularly women, into cyber remains a key challenge for the industry,” said Dr Kathryn Jones, head of school, Computer Science and Informatics at Cardiff University.

“However, gender imbalance and the low representation of women is a wider issue in the tech sector, not only cybersecurity. The number of women enrolled on computer science and software engineering courses, for example, is typically also low.”

Role Models

This is interesting, does it suggest that more women have left roles in cybersecurity since 2021, to be replaced by more people, but we still have a problem with a hiring misalignment? One of the issues has been a lack of women in senior roles, with only 21 percent of women filling senior roles.

In an email to SC UK, Andy Kays, CEO at Socura, said people are less likely to pursue a career if they don’t see role models who look like them or have similar backgrounds.

“The lack of women in cyber is, first and foremost, a natural consequence of fewer women in STEM,” he said. “Until we can encourage more girls to pursue STEM subjects, and more young women to switch to STEM careers, the cybersecurity industry will continue to be dominated by men.” 

Statistics show that the overall percentage of women that make up the core STEM workforce is currently 26 percent. 

Also speaking to SC UK, Lisa Ventura says that when you consider the huge pool of talent that is out there, she did not feel that 4600 more women being hired in cybersecurity is enough.

“The question is though, how can we attract more women into the cybersecurity industry? When I ask women who I talk to who are interested in getting into cybersecurity what the term 'cybersecurity' brings to mind for them, for many it conjures images of hackers in hoodies, intricate motherboard diagrams, padlocks, and binary code,” she says.

“The perception of cybersecurity goes way beyond these annoying clichés, and it can also encompass faceless cyber attackers sporting hoodies, military symbolism, and war rhetoric, and even the notion of cyborgs or futuristic machines battling in space.”

Ventura says these exaggerated portrayals could be off-putting to anyone looking to get into cybersecurity.

Miles Behind?

The numbers from Socura correlate with those disclosed by Baroness Jones of Whitchurch, Parliamentary Under-Secretary of State for the Future Digital Economy and Online Safety last week, where she said the UK tech sector is “miles behind other sectors like Financial Services and law when it comes to diversity.”

Jones cited the lack of diversity in both gender and those  from lower socioeconomic backgrounds. “This is bad for equality and it's bad for opportunity, and it also comes at a profound economic cost, because we know that the more diverse the companies are the better, they do, they grow faster, they create more jobs for more people.”

Fatima's Legacy

Notably, the Socura research comes four years after the government’s reskilling advert, featuring a ballet dancer named Fatima. This advert claimed her ‘next job could be in cybersecurity’  but was soon scrapped, with a spokesperson for then Prime Minister Boris Johnson saying: “This particular piece of content was not appropriate and has been removed from the campaign.”

Kays says he was not sure if the Fatima ad was around long enough to make a tangible difference. “However, this wasn’t the only version of the CyberFirst ad campaign. Some of the less controversial ads encouraging people to reskill and pursue a career in cyber may have had an impact,” he says.

“Cybersecurity is a relatively new industry. It makes perfect sense that occupation figures would be quite low compared to more established IT professions, and capable of rising much faster.”

Better Recognition

Asked if there needs to be a better recognition of experience, skills and education to better draw people to apply for available roles, Kays says there needs to be better collaboration between education and industry, as universities need to teach the skills that employers actually need, and employers should be working with universities to offer clear pathways from education to employment.

“A lot of cybersecurity job ads are wildly unrealistic in their expectations, particularly for entry-level roles,” Kays says.

“I also think we need to accept that a lot of talent doesn’t always have a formal education. Some people will go a more traditional route and do well in STEM subjects at school and university, but it’s also a career that can appeal to individuals who don’t do well in formal education. Companies need to make space for these people too, and not exclude them from jobs they would excel in, just because they don’t have formal qualifications.”

It is pretty clear that cybersecurity is the UK’s fastest growing IT job, however there are still a lot more people needed to do it, and better appreciation of skills and experience by hiring employers.

If an advert featuring a ballet dancer was so reprehensible to so many, maybe just offering a decent and respectful workplace environment, with suitable salary and benefits, would be more appealing.


Dan Raywood
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Dan Raywood
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Upcoming Events

No events found.