Women are estimated to hold only one-quarter of cyber security jobs globally and that percentage is even lower for senior leadership positions. The gender gap is evident in the rooms where cyber laws and policy are made, diplomacy occurs, and research develops. Access to and use of the Internet and related digital technologies is highly gendered; the International Telecommunications Union (ITU) reports that while women account for roughly half the global population, they account for a disproportionate (and growing) share of the global offline population. According to the ITU, in 2023, women outnumbered male non-users by 17 percent, up from 11 percent in 2019. The disparity in meaningful access is also a function of other intersecting factors, such as location, economic power, age, gender, racial or ethnic origin, social and cultural norms, and education, among others. These factors also play a role in women’s ability to develop digital literacy as well as access fields of education that lend themselves to cybersecurity-related careers.
Women, men, and gender-diverse individuals use the Internet and digital technologies in varying ways. Some of this is positive and even transformative; Internet platforms can be used for personal expression, political organizing, education, and community-building. In parallel, however, technology is expanding the violence and harassment already experienced by women and marginalized individuals into online spaces and manifesting in new ways – non-consensual image sharing, stalking, trolling, defamation, and doxxing, to name a few. Furthermore, the explosion of generative artificial intelligence (AI) into the mainstream is exacerbating gender and racial biases and further fueling technology-facilitated gender-based violence. If cyber laws and policies are to be effective in addressing these vulnerabilities and exploitative practices, then they must consider the different perceptions of security based on lived experience.
Technology is sometimes referred to as a double-edged sword in relation to gender – it can play a pivotal role in connecting individuals and be a driver for change by accelerating access to opportunities. Yet all too often, it is used against women and marginalized individuals or communities in ways that undermine efforts to achieve equality.
Existing inequality and gender-based abuse is replicated online with devastating effects. The speed and scale at which information can be shared online sets it apart from other types of physical violence. Harmful content is more difficult to eliminate and it can be shared quickly and repeatedly, inflicting recurrent abuse and re-traumatizing survivors. Justice mechanisms can be slow or nonexistent, as legal and governance systems seek to catch up with the proliferation of new technologies and platforms such as AI. Furthermore, digital violence often isn’t taken as seriously as physical violence, despite evidence that it can transition offline and manifest through surveillance, stalking, coercive control, or physical violence.
The harms caused by digital violence also impact women’s engagement in public life. For politicians, journalists, or human rights defenders, the online environment is ripe for the manipulation of personal information or intimate images—real or fake—to undermine their influence and deter them from participating in public life. Even for women who are not active in public life, the disproportionate levels of abuse can deter them from engaging online, contributing to the growing digital divide.
In an era of feminist foreign policies and widespread commitment to achieving gender equality, support for incorporating a gender lens in cyber security at the multilateral level is growing. For example, UN talks on international cyber security are more regularly considering how to incorporate gender in cyber threat analysis, confidence-building mechanisms, and capacity-building. A “Women in Cyber” fellowship program enables early- and mid-career female officials to participate in sessions of the UN’s current working group on international cyber issues. The Fellowship has become an important peer support mechanism for women working in cyber diplomacy or governmental Computer Emergency Response Teams (CERTs) while also boosting diversity in UN cyber negotiations.
Yet enhanced participation can also be a double-edged sword. When there are only a few women in a male-dominated room, often the presumption is that the women will raise issues related to women or gender. Similar expectations often extend to other marginalized individuals who are underrepresented and have different intersecting experiences. This places a significant burden in these settings on those in the minority who may already be experiencing pressure from raised expectations and concerns about perceptions that their participation is merely ‘tokenistic’.
Of course, there are settings where diversity and sharing of lived experience is integral to enhancing the development of effective policies. Increasing the critical mass of diverse women participating in cyber security organizations and negotiations will contribute to these efforts. However, women and other marginalized individuals should not be expected to carry this additional weight alone. This is why governments need to continue to not only integrate gender considerations into their national cyber security policies but also put in place accountability mechanisms to support women’s meaningful participation and ensure gender-responsiveness as part of their national policies and programs.
The ‘gender problem’ in cyber security is therefore not just about participation gaps and differentiated threats, but also about addressing the additional burden placed on women and gender minorities to be our own champions. Gender diversity is not just about women, and nor should the onus to fix inequalities fall solely to women or other marginalized groups. It requires getting everyone on board and recognizing that cyber security is a shared responsibility – and one that has the transformative potential to strengthen gender equality and our security if approached in an inclusive manner.
Narrowing the Gender Gap in Cyber Security
By Allison Pytlak • Lisa Sharland
Emerging Technology
International Women’s Day is an opportunity to reflect on the importance of gender diversity and inclusion in all facets of life. In the areas of cyber and digital security, great strides have been made to reduce the so-called ‘digital gender gap’ and raise awareness of the gender differentiated threats and risks posed by digital technology. Yet challenges remain including that often there is a presumption that women will raise issues about women or gender. Governments need to integrate gender considerations into their national cyber security policies and put in place accountability mechanisms that support meaningful participation and gender-responsiveness. Gender diversity, just like cyber security, is a shared responsibility and we all have a role to play in achieving it.
Women are estimated to hold only one-quarter of cyber security jobs globally and that percentage is even lower for senior leadership positions. The gender gap is evident in the rooms where cyber laws and policy are made, diplomacy occurs, and research develops. Access to and use of the Internet and related digital technologies is highly gendered; the International Telecommunications Union (ITU) reports that while women account for roughly half the global population, they account for a disproportionate (and growing) share of the global offline population. According to the ITU, in 2023, women outnumbered male non-users by 17 percent, up from 11 percent in 2019. The disparity in meaningful access is also a function of other intersecting factors, such as location, economic power, age, gender, racial or ethnic origin, social and cultural norms, and education, among others. These factors also play a role in women’s ability to develop digital literacy as well as access fields of education that lend themselves to cybersecurity-related careers.
Women, men, and gender-diverse individuals use the Internet and digital technologies in varying ways. Some of this is positive and even transformative; Internet platforms can be used for personal expression, political organizing, education, and community-building. In parallel, however, technology is expanding the violence and harassment already experienced by women and marginalized individuals into online spaces and manifesting in new ways – non-consensual image sharing, stalking, trolling, defamation, and doxxing, to name a few. Furthermore, the explosion of generative artificial intelligence (AI) into the mainstream is exacerbating gender and racial biases and further fueling technology-facilitated gender-based violence. If cyber laws and policies are to be effective in addressing these vulnerabilities and exploitative practices, then they must consider the different perceptions of security based on lived experience.
Technology is sometimes referred to as a double-edged sword in relation to gender – it can play a pivotal role in connecting individuals and be a driver for change by accelerating access to opportunities. Yet all too often, it is used against women and marginalized individuals or communities in ways that undermine efforts to achieve equality.
Existing inequality and gender-based abuse is replicated online with devastating effects. The speed and scale at which information can be shared online sets it apart from other types of physical violence. Harmful content is more difficult to eliminate and it can be shared quickly and repeatedly, inflicting recurrent abuse and re-traumatizing survivors. Justice mechanisms can be slow or nonexistent, as legal and governance systems seek to catch up with the proliferation of new technologies and platforms such as AI. Furthermore, digital violence often isn’t taken as seriously as physical violence, despite evidence that it can transition offline and manifest through surveillance, stalking, coercive control, or physical violence.
The harms caused by digital violence also impact women’s engagement in public life. For politicians, journalists, or human rights defenders, the online environment is ripe for the manipulation of personal information or intimate images—real or fake—to undermine their influence and deter them from participating in public life. Even for women who are not active in public life, the disproportionate levels of abuse can deter them from engaging online, contributing to the growing digital divide.
In an era of feminist foreign policies and widespread commitment to achieving gender equality, support for incorporating a gender lens in cyber security at the multilateral level is growing. For example, UN talks on international cyber security are more regularly considering how to incorporate gender in cyber threat analysis, confidence-building mechanisms, and capacity-building. A “Women in Cyber” fellowship program enables early- and mid-career female officials to participate in sessions of the UN’s current working group on international cyber issues. The Fellowship has become an important peer support mechanism for women working in cyber diplomacy or governmental Computer Emergency Response Teams (CERTs) while also boosting diversity in UN cyber negotiations.
Yet enhanced participation can also be a double-edged sword. When there are only a few women in a male-dominated room, often the presumption is that the women will raise issues related to women or gender. Similar expectations often extend to other marginalized individuals who are underrepresented and have different intersecting experiences. This places a significant burden in these settings on those in the minority who may already be experiencing pressure from raised expectations and concerns about perceptions that their participation is merely ‘tokenistic’.
Of course, there are settings where diversity and sharing of lived experience is integral to enhancing the development of effective policies. Increasing the critical mass of diverse women participating in cyber security organizations and negotiations will contribute to these efforts. However, women and other marginalized individuals should not be expected to carry this additional weight alone. This is why governments need to continue to not only integrate gender considerations into their national cyber security policies but also put in place accountability mechanisms to support women’s meaningful participation and ensure gender-responsiveness as part of their national policies and programs.
The ‘gender problem’ in cyber security is therefore not just about participation gaps and differentiated threats, but also about addressing the additional burden placed on women and gender minorities to be our own champions. Gender diversity is not just about women, and nor should the onus to fix inequalities fall solely to women or other marginalized groups. It requires getting everyone on board and recognizing that cyber security is a shared responsibility – and one that has the transformative potential to strengthen gender equality and our security if approached in an inclusive manner.
Recent & Related