The cybersecurity community often talks about two things: the relentlessly escalating threat landscape and the persistent talent gap. What's less frequently discussed is the direct link between those two issues and the industry's significant lack of diversity.
The release of The Women in Security Documentary is more than just a piece of cinema; it's a high-definition mirror reflecting the current state of the cybersecurity profession and demanding a constructive conversation about inclusion, mentorship, and building a stronger, more resilient pipeline of talent.
The argument for diversity isn't simply an ethical one—it's a defense strategy. Studies consistently show that diverse teams are better at problem-solving and threat anticipation. Yet, the numbers reveal a persistent structural problem:
Industry reports (e.g., from leading organizations like ISC2 and other research-based firms) consistently estimate that women represent roughly 24% to 26% of the overall cybersecurity workforce.
This percentage dramatically shrinks at the executive level. Estimates for women holding CISO or equivalent leadership roles often hover below 15%, and in some regions, are even lower.
As the documentary makers state on their "About the Documentary" page, the film aims to "change the perception of who a security professional is." It provides essential visibility, validating the careers of those already in the field while breaking down stereotypes for those considering entering it.
The documentary's focus on the personal and professional journeys of women in security has sparked necessary dialogue across professional platforms. The themes of mentorship, overcoming bias, and the urgent need for a more inclusive culture are resonating deeply.
"When trying to build the community to attend the premiere in Bellevue [Washington], many people initially thought only of the women in their organizations or referred me to women who could help spread the word—but this mindset has to change. This documentary is for everyone to watch, learn from, and act on. True progress requires all of us to engage," said one of the women featured in the film, Aarti Gadhia, Country Manager for Sentra, and Top 20 Cybersecurity Women of the World 2025. "The Women in Security Documentary is about visibility and representation. We've shared our stories—how we joined the field, the experiences that shaped us, and the ways many of us have used our voices to push for systemic change. We also highlight the allies who stand with us and help move this work forward."
"In 2025, we've already seen so much transition—recent layoffs have pushed many people to explore new career paths," Gadhia continued. "My hope is that it will break down barriers to entry and advancement, inspire new talent to join us, help build allies, and create a more inclusive and diverse industry. We started this project almost five years ago with Richard Ticho, Producer of Resilient Features. What excites me the most is seeing the impact it's already making!"
"Finally seeing the Women in Security Documentary hit the screen is a much-needed moment of truth for our industry. For too long, women's journeys in cybersecurity have been whispered in hallway conversations or buried in niche panels," said Krista Arndt, Associate CISO at St. Luke's University Health Network. "This film invites us to socialize that journey—to turn private challenge into public conversation, to shift individual stories into collective momentum. It's not just about representation, it's about recognition: when women in security share their path, we all get stronger."
Zabrina McIntyre, Director of Advisory at KPMG and WiCyS BISO Affiliate member, posted this on LinkedIn after watching the film:
Lynn Dohm is Executive Director at Women in CyberSecurity (WiCyS) and is also featured in the documentary. She had this to say:
"In an era of demographic decline and rapidly rising cyber risk, organizations cannot afford to overlook half the population when building their teams. Women are earning advanced degrees at record levels, yet remain vastly underrepresented in security and leadership roles. Inclusion is not a side initiative; it's a core strategy for workforce resilience. That's why WiCyS continues to drive forward skills-based talent development and community support that empowers organizations to cultivate a stronger, more sustainable pipeline."
Other LinkedIn comments include:
A female CISO: "This documentary isn't just for women; it's for every leader who signs off on a security budget. We need different perspectives to solve today's complex attacks. Watching the film reinforced that every organization has a responsibility to actively mentor and promote high-potential women. Tokenism is out; sponsorship is in."
A male incident responder: "I shared this film with my entire team. It was a stark reminder that the culture of 'the brilliant loner coder' needs to die. Our best security comes from collaboration. If we want to close the talent gap, we have to stop making the environment feel exclusionary to half the population."
A security architect: "The most powerful segment was on overcoming imposter syndrome. Seeing these incredible leaders admit they felt the same pressure was validating. It's an urgent call to action to stop gatekeeping and start building a supportive pipeline from entry-level roles up."
The documentary is directed by Yvette Freeman, an art and theater instructor, teaching artist, and actress in Los Angeles.
Featured in the film are:
Marene Allison | Retired CISO of Johnson & Johnson, Cyber Advisor, Strategic Business Advisor, President West Point Women • Nicole Buratovich | Sr. Manager, Program Management | Culture & Wellness, Amazon • Stacey Champagne | Founder & CEO, Hacker in Heels • Dr. Stephanie Carter | Principal, Compliance Advisory • Andrea Chedas | Head of Corporate Security, Wealthsimple • Lynn de Vries | Partner, DutchRisk • Lynn Dohm | Executive Director, WiCyS • Dr. Victoria Ekhomu | Chairman/CEO, TRANSWORLD SECURITY SYSTEMS & President, School of Management & Security • Aarti Gadhia | Country Manager for Sentra • Karen Gispanski | Senior Director of Enterprise Cyber Security, Millennium Healthcare • Tia Hopkins | Chief Cyber Resilience Officer & Field CTO, eSentire • Dr. Valerie Lyons | Chief Operations Officer, BH Consulting • Melissa Mack | Managing Director, Pinkerton • Constance Matthews Reynolds | Founder & CEO, ReynCon • Paula Mendes | Associate Director, Pinkerton • Bonnie Michelman | Vice President/Chief Security Officer, Mass General Brigham • Niamh Vianney Muldoon | EMEA CISO & Innovation Lead, BNY • Karen Nemani | AWS Security Delivery Practice Canada, Amazon Web Services (AWS) • Mackenzie Phillips | Senior Manager, Security & Loss Prevention, Amazon • Mindy Pretzman | US Secret Service (Retired) • Sarah Stone | Director, Pinkerton Consulting & Investigations • Danielle Weddepohl | Director, Public Safety and Emergency Management, George Brown College.
Industry reviews highlight the film's role in moving the conversation beyond simple metrics. One review called it, "Essential Viewing for Executive Leadership," noting that it "masterfully blends the personal narratives of success with the structural barriers still facing the industry. It's a blueprint for cultural change, not just awareness."
For CISOs and security leaders, the documentary is not peripheral viewing—it is strategic intelligence on talent acquisition and retention. The industry cannot solve the talent gap without fixing the representation problem.
Some tips for enterprises, leaders, and hiring managers:
Stop passive recruitment: Organizations must move past passive recruitment and implement active strategies: blind resume reviews, setting concrete diversity goals for interview panels, and sponsoring women's cybersecurity organizations.
Focus on retention and mentorship: A supportive culture is the ultimate retention tool. The film serves as an excellent discussion starter for internal mentorship programs aimed at advancing women into senior and executive security roles.
Validate non-traditional paths: The documentary highlights that many successful women in security came from non-traditional backgrounds (e.g., arts, compliance, law). Broaden your hiring parameters to value diverse professional experiences, not just specific technical certifications.
"We've made our industry intimidating to some because they think they need to be good at math, or be technical. Some people look at this and say, 'Cybersecurity sounds cool, I'm going to figure out how to get into it.' And others who say, 'Sure it's cool, but I have no experience, I shouldn't even try,'" said Rick Doten, former CISO at Centene Corporation. "But the latter is not true. I know CISO friends who compulsively interview workers in restaurants and retail who show to have the right personality."
Doten continued, "I totally agree with the three tips to improve diverse hires. I get offered pen test roles, even though I've been a CISO for the last 12 years, because I ran pen test teams 20 years ago. Recruiters aren't even looking at the profiles, just how many keywords match and contacting. I've often said that we don't have a shortage of cybersecurity candidates; we are looking in the wrong places, asking for the wrong things, and not accounting for the aptitude, interest, and neurological gifts that people have that make them great practitioners. All of these boil up to leadership not looking for the best people based on ability, not keywords or certifications, or confidence bias like I mentioned earlier. And we need to keep them challenged yet comfortable to be successful once they are hired."
Dmitriy Sokolovskiy, SVP of Cyber Resilience at Semrush, took a personal approach to the benefits of diversity: "My wife and I complete the parental processing unit that runs our family processes. With her compute structures, she fills the processing logic gaps that my compute structures have. In all the ways that they are different from mine, she expands them, making our PPU a lot more effective and efficient. Diverse teams are more effective and efficient than homogeneous ones. It's THE lowest hanging fruit."
Kara Schlageter, a cybersecurity executive, strategic advisor, and former deputy CISO, said this topic is very important to her and one she is very passionate about. She had this to say:
"Progress doesn't happen by chance. It happens when we all decide it's part of our job. So what do we do?
Sponsor, don't just mentor. Put women's names forward for big projects, scope-expanding roles, and visible opportunities.
Structure the process. Use clear promotion criteria, diverse slates, and accountability in decision-making.
Model allyship. We need male allies to speak up, amplify, open doors and expect the same from your peers.
Invest in the pipeline. From internships to returnships, we have to widen the entry points and support re-entry.
Search in unexpected places. Great tech talent doesn't always start in tech. I began my career in HR, and that background gave me a foundation to lead in cybersecurity. When people ask me how I made the switch from HR to Cyber, I tell them, 'It's not the technology that causes the breach, it's the people behind it.' We should be open to nontraditional paths into our field."
"Inclusion is cybersecurity's strongest defense. Diverse teams don't just see threats differently; they anticipate them sooner," said Donna Ross, CISO at Radian Group Inc. "When women's stories are visible, stereotypes crumble. This documentary reframes what a security professional looks like and why that matters. Every time a woman in security shares her journey, she chips away at bias and builds a stronger pipeline for those who follow."
At SecureWorld, we have made a concerted effort with our in-person and virtual conferences to be as inclusive as possible. But we have strides to make. At the SecureWorld Seattle conference November 5-6, 2025, of the 80 speakers on the agenda, 22 were women (27.5%). The Day 2 lunch keynote featured three women and one man talking about data privacy. More work to do!
[RELATED: IT Brew has this great article titled, "What women in cybersecurity want the next generation to know."]