Women entering cybersecurity today expect inclusion as a baseline, not a bonus. This expectation will change the industry, says ISC2 Candidate Teri Green-Manson, because cybersecurity isn’t just about defending systems, it’s about defending people.
Disclaimer: The views and opinions expressed in this article belong solely to the author and do not necessarily reflect those of ISC2.
Cybersecurity didn’t find me through a job posting or a polished career plan, but through necessity. Long before I acquired executive titles or earned industry recognition, I learned how to read risk in people, systems and environments where failure had real consequences. So, while I came up as an engineer – often the one called when systems broke or when something didn’t feel right – security wasn’t so much a pivot for me as a natural progression. When you understand how things fail, you start asking how to prevent harm.
It is this purpose that keeps me going, not just the technology. In fact, one of the most persistent myths about cybersecurity is that it’s purely technical. In reality, I find that the most difficult security challenges are human-centric.
Breaches often begin with behavior, trust, misaligned incentives and decisions made under pressure, not just lines of code. Women often excel at navigating this complexity. Skills like communication, systems thinking, emotional intelligence and foresight are essential to preventing incidents and managing crises. We’ve long carried both the technical load and the invisible labor: translating risk for executives, de-escalating incidents, mentoring teams and stabilizing organizations during moments of uncertainty.
Yet these strengths, my strengths, have historically been labeled as “soft” even though they are foundational to strong security outcomes. Technical fluency established credibility. But communication, resilience and the ability to translate complex risk into strategic language defined my leadership. Cybersecurity leaders must be able to influence, not just implement.
Invest in People
Organizations often invest heavily in technical training but underinvest in leadership development, especially for women, as though we somehow arrived late to the tech party. Quite the opposite is true: we were present at its creation. From early computing and programming to the mathematical foundations of modern search and networking, women built the backbone of the digital world… only to be written out when technology became powerful and profitable. My experience is that this historical erasure still shapes today’s cybersecurity culture. It influences whom we picture as ‘technical’ whom we trust with authority, and who is seen as leadership material.
Progress Matters Alongside Sponsorship and Support
Understanding this history isn’t about looking backward; it’s about correcting the lens through which we evaluate talent today. There has been progress: I see more women entering cybersecurity. Conversations about inclusion are louder than ever. Nonetheless, female representation thins dramatically at senior levels. Early career barriers tend to be about access, while later barriers are about perception. Unspoken rules governing who is considered ‘ready’, who is given sponsorship and who is trusted with risk continue to stall advancement.
These barriers aren’t always visible, but they are deeply felt, particularly at the executive level. While I hear people say that mentorship matters, it’s sponsorship that changes outcomes. Sponsors advocate for you in rooms you’re not in. They attach their credibility to your potential. Those moments, when someone speaks up and says, “She’s ready, trust her”, are career-defining.
I’ve also learned that data matters. Evidence travels faster than bias. Building evidence-based security frameworks wasn’t just about improving programs; it was about ensuring decisions were grounded in proof, not perception.
Build Knowledge, Don’t Compromise
You don’t need to become someone else to succeed in cybersecurity. Learn the fundamentals, build technical confidence and ask difficult questions. Don’t abandon your voice or instincts to fit an outdated mold: your lived experiences are not a weakness but an asset. Your resilience, adaptability and ethical clarity are leadership skills, even if they don’t appear on certification exams; find a way to demonstrate that you have them.
The next generation of women entering cybersecurity today are asking deeper questions about ethics, AI, governance and accountability. They expect inclusion as a baseline, not a bonus. This expectation will change the industry, because the future of cybersecurity isn’t just about defending systems, it’s about defending people. Women have always been doing that work.
Teri Green-Manson, ISC2 Candidate, has 18 years of experience in nonprofit, energy, education and enterprise technology sectors. She has held executive, business and technical leadership roles, with responsibility for cybersecurity strategy, enterprise systems modernization and governance oversight.
