Look around any cybersecurity conference and, yes, there are plenty of female faces—that might seem to imply that women are finally having their day in the industry. But, not so fast, cybersecurity continues to face a persistent challenge of attracting, retaining, and advancing women in the profession.
Despite the progress, many of the barriers women encounter today remain remarkably similar to those faced decades ago. Anna Collard, Senior Vice President, Content Strategy, and CISO Advisor, reflects on her unconventional journey into cybersecurity, the realities of balancing leadership and family, the impact of AI on the workforce, and the actions both organizations and individuals can take to create more opportunities for women in the field.
During Collard’s own journey, she found opportunity and support in unexpected places, summoned her own wherewithal to leave her comfort zone, and carved out a unique path. The very best of role models, Collard advocates for women pursuing cybersecurity careers and her insights reveal both the systemic challenges that remain and the opportunities emerging through technology, flexibility, and changing workplace expectations.
Q. How did you get started in cybersecurity?
A. I actually studied economics, international economics. I wanted to do arts. I wanted to do languages. He said, no, there's no money in it so I got pushed into economics, which I was never really interested in. I got into information security because Siemens offered me, you know, like I could write my final thesis with them. Through that thesis, I got a job at an internet service provider. They were looking for a security engineer. Like, I don't know anything about engineering, but here's my thesis. I got placed between engineering and basically product management, and sort of thrown into the deep end because I didn't have the engineering background. I was very young. I was the only female in my team.
Q. How did your early experiences shape your career?
A. I had imposter syndrome throughout all my 20s. I always felt like, “Oh, my God, I don't know what I'm talking about." I think I worked so much harder—every weekend I would train up, and every year I did another certification, just to feel less inadequate. I did this for 10 years.I was 24. I was responsible for NTT’s global managed security services rollout. As a young person, it's amazing, because I had to do projects in the United States and all over Europe.
Q. Why does gender disparity remain a challenge in cybersecurity?
A. It's not just in technology. I was talking to some women recently about the financial services industry and the investment industry, and it's so much worse even than our industry. It’s just, unfortunately, still a thing. And not just in technology. As women, we do need to talk about it—that it is still a thing—and find ways to raise awareness.
Q. Are many examples of bias intentional?
A. They're not bad men. They're just so oblivious. They don't have the reference that [their bias] it could be wrong. They just think that's how it's done.
Q. What advice would you give to people, especially women, entering cybersecurity today?
A. Combine two things, you don't have to be the best in either of them. If you're good at two things, you're so much more competitive. If you are a good web designer and a developer then you're like a unicorn. Otherwise, you always have to find a designer and a web developer. But if you can do both, there's a bit of magic.
Q. How did you combine cybersecurity with other disciplines?
A. I am also a yoga instructor, I did a master's in cyber psychology and I'm doing a PhD in it. My deep dive is in how mindfulness can help us stay safe online. It's a cognitive security mindset. And yes, that comes from my yogic experience. I don't ever use the word yoga. But it actually is yoga, a yogic philosophy that can help us to be more grounded. It can help us to be present. Because in 50 percent of the cases when people get scammed, it is not because they don't know better. It's because they are on their devices. We are frazzled, we are multitasking, we do a million things. We're not present.
So, by bringing in some form of awareness, consciousness, presence–and I'm trying to prove that scientifically that is one of the most powerful counters or controls to help us stay safe and not just online against scammers. What I find is even worse is cognitive warfare, that whole polarization, the manipulation that's going on. That's what I find really exciting. And again, those are two seemingly totally different subjects, but if you throw them together, there's a bit of magic.
Q. Why do women leave cybersecurity roles in the middle of their careers?
A. To be honest, the main reason there is because we have babies. As soon as you have children, you cannot do those 18-hour days, fly around. It's just not possible. Even with a supportive husband. There are limits. We are still the main caregivers at home, or expected to. The world hasn't quite... We talk all the talk and do all the stuff, but let's be honest, if you're an executive, you're expected to be everywhere all the time.
Q. Studies have shown there are still few women in cybersecurity leadership roles. Why is that?
A. When we hit a certain phase in our lives, you know, when the children come, then we move sideways. Even me. I ran my own business. I was living, breathing work. I was a complete workaholic. You cannot sustain that with children. It's not possible. I had to say to KnowBe4, I cannot go on like that. The majority of the people in these exec roles, I don't know how they do it with kids.
Q. What can organizations do to better support women?
A. The first step would be to recognize that that's a thing. It's really more about outputs rather than time. Nobody has to work 8 to 5. It's really about outputs rather than time. Realize that childcare—or even elderly care—are realities that people have to face at home. If you're mindful about it, whether that's flexi-work, flex-time, or whatever it might be, it really is about acknowledging those realities of life. And then looking at the solutions that are already out there.
Q. How has flexible work impacted your own productivity?
A. I only work officially three days a week. Monday, Wednesdays and Thursdays. I'm probably as effective, if not more than my five-day-a-week. It makes me much more productive. Actually, it makes me much more productive in an ironic way, because I have these breaks in between. Again, it's not about the time, it's more about the output.
Q. How is AI affecting women and the workforce?
A. AI will proportionately negatively affect women way more than men. The payment gap will be much worse in the future than it currently is. Traditional female jobs—systems, sales, those kind of jobs that can be automated quite easily—will be replaced by automation. Unfortunately, that affects females. However, on the other hand, I definitely feel that there's an opportunity, too. There's always two sides.
Q. What concerns do you have about AI?
A. You cannot trust it at all to do literature review properly. You still have to do the hard work. It's a great bouncing board. But AI gets so much wrong all the time. As much as we talk about LLMs and how amazing and incredible they are, you cannot rely on them.
What's the new skill of the future? You still have to have that deep thinking. Cognitive flexibility. That discernment. Unfortunately, that comes with doing the hard sloggy work. It’s also the experience, the business knowledge, just the leadership, and the ethics that are needed. If we look at some of these AI startups, you have 23-year-olds who might be technically geniuses, but they don't think about safety, governance. Then they produce these AI products that potentially really impact our kids, our cognitive abilities, and all the bad stuff that comes with it.
Q. What can women do to advance in cybersecurity today?
A. It's systemic. The systems need to change. It's unfair to expect us to own the problem when it's so systemic. But on the other hand, there are obviously things that we can do. Being assertive, for once, I think, is one of the things. You always get paid what you ask for. If you don't ask, you won't get it. We always think, “I have to do a great job, I work allhours, then somebody will come and pat me on the shoulder. That's just business."
Q. How should women approach career opportunities?
A. We feel we have to have all the experience and certifications before we take the job. But we need to be comfortable with being uncomfortable. Learn on the job. A guy has no problem. They apply for jobs they're totally not qualified for. We only apply for the things we qualify for. I've been in cyber for 24 years. I'm still a beginner. Every day there's new stuff I don't know anything about.
Q. How can women build confidence and visibility in the industry?
A. I always sat in the back. I never felt comfortable in the front. I even put my hand up, but I never got the microphone because they didn't see me. Then a man I worked with came up to me and said, “Anna, you have things to say. Sit in the front.” What he said to me at that time was so wonderful. We have things to say. Let's not hide in the back. Let's try.
Q. Why are role models important for attracting women into cybersecurity?
A. They need role models. They need to see somebody that looks like them in positions. If that's not there, society is pushing them in certain boxes. Even with my own children, my son and daughter, society is pushing them into certain boxes. She gets the 100% unicorn stuff and he gets the science toy.
The cybersecurity industry has made some progress in bringing women more fully into the fold, but challenges still persist. Collard’s experiences reveal that while technical expertise remains critical, success increasingly depends on adaptability, interdisciplinary thinking, self-advocacy, and organizational cultures that support diverse career paths.
Collard’s reflections also underscores that retaining and advancing women in cybersecurity is not solely an individual responsibility but rather requires organizations to rethink leadership models, workplace flexibility, career development, and talent pipelines. At the same time, women must continue to claim their space, pursue opportunities even before they feel fully ready, and recognize the value of their perspectives.
As AI, cyber psychology, and new ways of working reshape the industry, the future of cybersecurity may depend less on traditional career paths and more on the ability to combine diverse skills, perspectives, and experiences—the very strengths that leaders like Collard exemplify.