a European initiative to promote women in cybersecurity and meet the growing demand for cyber professionals

Background and importance of Women4Cyber

Unlike many digital awareness initiatives for women focusing on a wide-ranging ICT sector, Women4Cyber was launched by the European Cyber Security Organisation (ECSO) to target the inherently complex cybersecurity field and to meet the growing demand for cybersecurity professionals in Europe.

In January 2019, ECSO invited 30 top European female leaders from the public, private, and academic sectors working in the cybersecurity field to become the Founding Members of the initiative. The official kick-off meeting took place on 22 January 2019 in Brussels, under the patronage of then Commissioner for Digital Economy and Society, Mariya Gabriel, and with the support of the European Commission. The Founding Members discussed a set of priorities for concrete actions based on their practical knowledge, to set the strategic guidelines and vision for a sustainable future for the initiative.

Considering the expected skills gap in cybersecurity, there is an urgent need to ensure that we are educating and training enough skilled experts to meet the demand. A report[1] by Cybersecurity Ventures has predicted that there will be 3,5 million job openings in cybersecurity globally by 2021 while according to (ISC)², Europe faces a projected cybersecurity skills gap of 350,000 workers by 2022[2]. In addition, a recent report by (ISC)² claims that women represent only 24% of the global cybersecurity workforce[3]. With Women4Cyber, ECSO saw an opportunity to focus implicitly on increasing the participation of women in cybersecurity and tap into this segment of the workforce that thus far has not been sufficiently exploited.

In addition to integrating cybersecurity as a cross-disciplinary topic in education programmes, we also need to attract more young girls and women to cybersecurity by demonstrating the multifaceted nature of the profession. We need to remove the misconception that cybersecurity is just a technical issue – it is about people and processes too. Cybersecurity is a field that requires not only technical experts but individuals with a high EQ (emotional intelligence) and strong managerial and soft skills. This is where we can best engage with and attract girls and women to the profession and how we can ultimately help to fill the skills gap in cybersecurity. To do so, Women4Cyber will, inter alia, work with universities in order to give visibility to existing programmes and role models on key enabling technologies, in order to enhance female participation in cyber education and demonstrate a well-balanced representation of cyber talent (women and men) in Europe.

Given the importance of this issue and the overwhelmingly positive response that Women4Cyber has received since its inception, a legal body was established in September 2019 to support the growth of the initiative. The Women4Cyber "Mari Kert - Saint Aubyn" Foundation, established jointly by ECSO and Guardtime (an Estonian SME), has a dedicated governing Administration Body to manage donations and monitor the implementation of actions. It is supported by an ad-hoc advisory Council which is made up of some of the Founding Members and other advocates of the initiative. 

Who is involved in Women4Cyber

The Women4Cyber Council is currently made up of around 35 women (and a few men) from across the public, private and academic sectors in Europe. The Council members are there to advise the Foundation on the strategic direction of Women4Cyber and support the delivery of concrete actions within their respective sectors. A first Council meeting was held in Rome in September 2019, where members exchanged best practices, advised and committed to spearheading actions under the initiative. The Council members also act as ambassadors for Women4Cyber.

Nina Hyvärinen from F-Secure in Finland, a Women4Cyber Council member and member of ECSO, is an active supporter of the initiative and is helping to implement a national Women4Cyber chapter in Finland. The setting up of national and local chapters is strongly encouraged by the Foundation as the initiative needs to be adapted to the specific ecosystems of each country and region. At the Women4Cyber secretariat, we are currently working actively to roll out the first few chapters.

On Women4Cyber and the future Finnish chapter, Nina Hyvärinen says: “It is a privilege to be part of this inspiring group of women. Together we are looking for ways to give a voice to those brilliant female professionals already in the field. We want to promote more women as keynote speakers and in the media. We need role models. In Finland, we are planning to set up a national chapter to support the excellent female professionals we have, and to encourage more women to cybersecurity.”

Aside from the Council, Women4Cyber counts on its entire community to work on and grow the initiative together. The community aspect of Women4Cyber is absolutely crucial to achieving a tangible impact as regards awareness, education, training, and job market growth. On LinkedIn alone, Women4Cyber currently gathers around 2200 experts (predominantly female) in cybersecurity and we hope to keep expanding this network. 

Importance of the initiative now and in future

In growing the community and raising visibility, Women4Cyber will be able to shed light on the importance of cybersecurity and the versatile workforce that it requires. Awareness is key to increasing the participation of women in the cybersecurity field and Women4Cyber will do so across all levels. We will go to the schools to teach kids about cybersecurity issues (and cyber hygiene) and hopefully pique the interest of young girls who may not previously have considered cyber as a topic of interest. We will support young women in STEM and cybersecurity education, by promoting scholarships, and help them enter the workforce, by facilitating mentorships and traineeships. Finally, we will support women at all stages of their career, providing links to ICT and cybersecurity trainings (upskilling/re-skilling), and we will provide the tools to show cybersecurity as a viable career option for those re-entering the workforce.

The Women4Cyber initiative has already been recognised by the European institutions. It was launched under the patronage of then Commissioner for Digital Economy and Society, Mariya Gabriel, and continues to have the support of the European Commission. We were also honoured to receive the Cyber Security Nordic Award in Helsinki in October 2019. This year’s dominant criteria for the award were increasing the visibility and significance of cybersecurity, international influence, promoting cyber expertise globally, and impact. International networking was considered very important for the promotion and dissemination of cybersecurity information. At present, there are relatively few women in technological fields, and by awarding Women4Cyber, the jury indicated their hope for this to change.


Actions and how you can get involved

Following the kick-off meeting in January 2019, Women4Cyber developed a Charter of Objectives and associated Roadmap of Actions[4]. The Roadmap of Actions is structured around six workstreams:

Workstream 1

Create awareness, promote best practices and visible role models

Workstream 2

Promote tailored training programmes in cybersecurity

Workstream 3

Enhance the presence of women on the cybersecurity job market

Workstream 4

Increase the presence of women in cybersecurity Research & Innovation (R&I) and in the field of emerging technologies

Workstream 5

Support and shape policies at EU and national levels that are in line with Women4Cyber’s messages

Workstream 6

Establish and coordinate international and national partnerships


Women4Cyber is an open and inclusive initiative and anyone is welcome to get involved, either by donating to the Foundation and / or actively contributing to concrete actions under the Roadmap of Actions.

At the Women4Cyber secretariat, we are getting ready to launch the first action from the Roadmap: a role model campaign which will be rolled out in two phases. In the first phase, we will post snapshot profiles of the Women4Cyber Council members on social media where they will outline what they do, how they got to where they are, and what advice they would give to young women considering a career in cybersecurity. The aim is to provide visible role models to the community but also to have European community members engage with us and share their story. In the second phase, we will consolidate several of the profiles that we will have gathered from the Council and the community into the “The Book of European Cyber Women”.


How to tackle the perception that cybersecurity is still a man’s world – highlighting Women4Cyber role models

As cybersecurity is still an extremely male-dominated field, Women4Cyber intends to work directly and indiscriminately with women and men alike to promote its goals and implement actions across the community and industry. While one of our main goals is to progressively change mindsets and encourage the community to take into account and value the perspective and contribution that women can bring to cybersecurity, Women4Cyber will do so in the spirit of bringing about equal representation and, ultimately, gender diversity to the field.

 With the Women4Cyber role model campaign still very much in its infancy, there is still work to be done to gather a comprehensive picture of existing female experts and role models in cybersecurity in Europe. Nevertheless, starting with the Women4Cyber Council, we already have an impressive array of European talent that can bring their expertise to pressing issues, showcase different career pathways, and lead from the front in bringing about real change on our targeted actions at European, local, regional, and national level.

It is our hope that these women will inspire others to share their story so we can broaden the Women4Cyber role model canvas and show the multi-faceted nature of cybersecurity, both in its representation and range of skills required. The diversity of women and their backgrounds that we will showcase will be a testament to the existing talent pool in Europe as much as it will demonstrate to young girls that when it comes to cybersecurity, the sky really is the limit.


Blog post by Nina Olesen (European Cyber Security Organisation & Women4Cyber Secretariat) & Nina Hyvärinen (F-Secure)

[1] Cybersecurity Ventures (sponsored by Herjavec Group) (2017), Cybersecurity Jobs Report, 2017 edition, available online at: https://www.herjavecgroup.com/wp-content/uploads/2018/07/HG-and-CV-The-Cybersecurity-Jobs-Report-2017.pdf

[2] (ISC)², Europe demanding world’s fastest cybersecurity workforce growth as region’s skills shortfall is forecast at 350,000, available online at: https://www.isc2.org/~/link.aspx?_id=7A8CF784083C4EAB9BF33FEC9452174A&_z=z

[3] (ISC)² (2018), Cybersecurity Workforce Report, Women in Cybersecurity, available online at: https://www.isc2.org/-/media/ISC2/Research/ISC2-Women-in-Cybersecurity-Report.ashx

[4] Available at: https://www.ecs-org.eu/working-groups/news/women4cyber