In Australia, women are only 17 percent of the cybersecurity workforce. This long-standing imbalance is a major thorn in the side of the industry and has created a critical gap in digital protection. With AI-driven threats on the rise, diversity in the workplace isn’t just a nice to have; it’s an absolute necessity.
There are two sides to this coin: one is that cybersecurity involves complex problem solving, which benefits from differing perspectives; the other is that cyberthreats disproportionately affect women. Women offer diverse perspectives, particularly perspectives that are more commonly confronted with specific types of scams, and the benefits of having them at the decision-making table are numerous.
According to reporting by the Organized Crime and Corruption Reporting Project, women were more likely to report feeling unsafe online. They received more phishing messages, whether by text or email. The study also signalled that women were more likely to be targeted for identity theft. Nearly half of the women surveyed reported that their social media accounts had been hacked at one point or another, compared with 37 percent of men surveyed.
Deepfake content also disproportionately affects women: 90 to 95 percent of all online deepfakes are non-consensual pornographic images; of these deepfakes, around 90 percent depict women.
The acceleration of threats is set to affect all types of people, not to mention businesses. Ultimately, these nefarious actors want two things: information and money. Large language models and deepfake tools are very effective ways of funnelling victims to dangerous websites where scammers can easily access both.
In 2026, AI-enabled attackers are expected to move faster and create more convincing material. Specifically, we’re continuing to see a sharp incline in cybercriminals deploying deepfakes in their scams. Tactics include, for example, the creation of deepfake images that are then used as blackmail material, and the use deepfake tools to create fake voices and videos of colleagues either requesting payments or confidential business information.
As threat actors ramp up activity with AI-driven attacks, international law enforcement is struggling to keep pace.
When teams are made up of people with similar backgrounds and experiences, they are more likely to have blind spots. There’s a misconception that cybersecurity is all about coding – imagine green text on black screens. While computer science skills are certainly important, cybersecurity also demands an understanding of the psychology behind perpetrators. Diversity allows teams to have a fuller picture of threats. Cybersecurity is stronger when diversity is made a priority.
But how do we get there?
A December 2024 study from RMIT University found most women were leaving the cybersecurity field in part due to its 24/7 culture. Job design and work commitments can make a career in the field unattainable for people with parental or domestic responsibilities, most of whom are women.
Women also felt there were still gender-based barriers to entry and career advancement, signalling a critical need for culture change in the industry at large. Promoting early education to get young women interested in cybersecurity, for example, and setting up mentorship programs that place female practitioners on a path to growth are important levers for empowering women in the field.
Not only do we need to encourage women to pursue cybersecurity as a career path, but we should also create structural change to support female employees. Adequate maternity leave, access to healthcare and the facilitation and promotion of sufficient work-life balance are a few key examples.
Diverse teams bring diverse perspectives, experiences and cognitive styles to the table, strengthening teams’ abilities to anticipate how systems might be exploited and how attacks might unfold. At a time when adversaries are increasingly unpredictable, this holistic view helps organisations challenge assumptions, ask better questions and design stronger, more resilient security strategies.
Diversity in cybersecurity isn’t just a social objective; it’s a strategic advantage. We need people from all walks of life to thwart attackers, and we certainly need more women.
