International Women’s Day (IWD) is March 8. While it’s a global day dedicated to celebrating the many achievements of women, it’s also a day for accelerating gender parity. With this year’s theme #EmbraceEquity, it’s a sobering reminder the cybersecurity landscape continues to be heavily skewed—75% of cybersecurity workers are men.
Progress is being made to improve the current state. But projections show it could take more than 130 years to close the gender gap if the world keeps its current pace.
To help inspire more change now and offer unique perspectives around the importance of bridging the gender gap, I sat down with Navpreet Gill to kick off a four-part blog series and got her take on the value of continuing to empower women to be a part of cybersecurity—not just on IWD, but every day.
Navpreet has been with F5 for over three years. Her role centers on Product Marketing for Web Application Firewall (WAF) solutions, including F5 BIG-IP Advanced WAF and threat intelligence services. Previously, Navpreet helped drive product marketing and business development for security startups in Silicon Valley. Her experience with security startups inspired her passion for positioning and messaging products and solutions that best address customer use cases and drive business. In her off time, Navpreet enjoys rock climbing, skiing, and hiking with her dog, Henry.
Rachael: I had a non-linear career path before landing in cybersecurity. How’d you break into the industry?
Navpreet: Shortly after my time at UCLA, I received a letter from my healthcare provider notifying me that I was one of the few million impacted by a recent breach. I had just moved from Los Angeles to Silicon Valley and was looking for a job, so I started networking in the tech space. My mentors pushed me further and encouraged me to seek cybersecurity roles.
At its core, cybersecurity’s about protecting people from being victimized—and in my career I’ve enjoyed being on the defense side, protecting people from harm, pursuing bad actors, and continuously learning. I love seeing the impact of my work. The fast-paced environment keeps me focused and keeps my career enjoyable.
Rachael: Many have emerged as proponents of diversity and inclusion in tech, yet cybersecurity continues to struggle with closing the gender gap. What opportunities are there to bridging the divide?
Navpreet: Having more women in the workplace is good for business, bringing diversity in perspectives, leadership, and experience. While this can apply to any role at a company, it’s crucial in the cybersecurity space. We need people with different backgrounds because we’re pursuing cyber adversaries and hackers who also have various backgrounds and experiences. The wider variety of people and expertise we have to defend our digital world, the better our chances of success.
Rachael: Couldn’t agree more. A few years back, the University of Maryland reported a cyberattack happens every 39 seconds, and it keeps getting easier with evolving tactics like ransomware-as-a-service. How can we guide more women toward cybersecurity? What needs to change?
Navpreet: I think it’s a perception problem—at home and in school, young girls are often steered into more traditional roles. A lack of role models also lends significant influence, among other factors like male dominance and peer pressure that inserts the idea of STEM as geeky.
We can flip the narrative with a cultural shift. Teachers and guidance counselors should encourage young girls to seek STEM careers and highlight role models within the educational system. In the workspace, employers should make programmatic efforts to hire and retain women in IT, providing pay equity and equal paths to promotion, along with a gender-inclusive work environment.
Rachael: I’m excited to see actions that challenge the status quo. And I’m energized by everything going on in cybersecurity today. What kind of trends right now make you sit up a little taller?
Navpreet: I’m most excited about Artificial Intelligence (AI) in cybersecurity.
Cyberattacks aren’t going away—they’ll continue to escalate in frequency and sophistication. It’s become rather tricky for cybersecurity experts to react to them all. Hackers and cybercriminals have been using AI. In many cases, AI algorithms are used to detect weak security systems that contain valuable information. AI can also create several personalized phishing emails to trick recipients into giving up sensitive information. AI-driven attacks can also be more tailored and more effective; their growing ability to understand context means they will be even harder to detect.
Rachael: Like using ChatGPT for malicious attacks. All hope isn’t lost for good-intentioned AI, right?
Navpreet: Totally. Machine learning algorithms can more effectively examine the vast amount of data moving across networks in real time and learn to recognize patterns that indicate a threat. Investment in new technology will play a critical role in the emerging reality and evolving ecosystem. It’s crucial to incorporate technology into the ecosystem to combat the malicious use of AI with AI itself.
As an example, behavioral analytics are a requirement for detecting blended attacks. Many layer 7 distributed denial-of-service (DDoS) attacks are stealthy and may go undetected. BIG-IP Advanced WAF uses machine learning and data monitoring to analyze traffic behavior to automatically defend against DoS and DDoS attacks.
AI in cybersecurity is evolving exponentially, and I’m excited to see where it goes.
Other Q&A in this Four-Part Blog Series
A Journey to Gender Parity: Q&A with Erin Verna on Empowering Women in Cybersecurity