In the beginning of 2026, in Bulgaria, videos of women from beauty salons and an ob-gyn clinic in three Bulgarian towns were found circulating on pornographic websites. Some of the victims were minors. None of the women or girls knew they had been recorded when visiting the salons and the clinic. Some learned about the existence of the videos by chance. When interviewed, they shared feelings of humiliation, violation, and utter helplessness.

Many experts correctly point out that such recordings should have never existed in the first place as cameras are not permitted in such places. However, during the (ongoing) investigation, another possibility was considered – the cameras might have been hacked. This raised an equally worrying question: if devices in highly private spaces can be compromised, what does that say about the security of the numerous cameras we knowingly live with in public spaces…even at home?

This disturbing case is about breaches of privacy and cyber violence against women. Yet, it is also an illustration of how cybersecurity failures affect women and girls and violate their human rights, dignity, and bodily autonomy.

According to the report “POV Reimagined: Women in Cybersecurity” by Emily Mossberg and Shelley Zalis, as of 2023, women make up 20-25% of the cybersecurity field globally. This is regrettable and constrains progress as, the report reminds us, “women bring unique perspectives and problem-solving skills vital in combating complex challenges” – through history, women created some “game-changing solutions” such as windshield wipers, WiFi, Bluetooth, home security systems, diapers, and the first all-electric programmable computer. Elsewhere, as three significant barriers to increased women representation in the sector have been identified the “perception of cybersecurity as a technical profession”, “the reported ‘boys club’ attitude in cybersecurity”, and the “limited encouragement received by women to enter cybersecurity as a profession”. The widely reported gender pay gap in the field remains an issue – a ISC2 Study, published in 2026, reveals that a third (34%) of surveyed women said it was pay or promotion inequity has prevented women from moving forward, as opposed to just 19% of men. Furthermore, “nearly half of women participants (45%) considered work-life balance and caregiving demands to be the top challenge faced by women in cybersecurity, compared to 29% of men participants”. Such results should not come as a surprise – in fact, they would be common in other professions as well. In many countries, societies, and cultures women are still expected to undertake most of the care work – an expectation arising out of the prevailing gender stereotypes about women’s role in the family.

In the course of the project Women, Tech & Civic Space: Change and Empowerment through Coalition-Building, implemented by the Counterintuitive Institute (CI) with the support of the Netherlands Helsinki Committee, the CI team spoke with Margarita Kirilova, co-founder of Women4Cyber Bulgaria and a cybersecurity expert, to better understand both the challenges and the opportunities shaping women’s participation in cybersecurity nowadays.

Part of the broader Women4Cyber Foundation, Women4Cyber Bulgaria is dedicated to increasing women’s participation and visibility in cybersecurity. The organization aims to create a supportive and inspiring environment for professional development and promote women’s employment in the rapidly evolving field of cybersecurity. One of its most impactful initiatives is the “Young Ambassador” program, which tries to engage young women interested in cybersecurity and digital technologies. Through a combination of training, mentorship, and hands-on participation in initiatives related to digital safety and civic engagement, the program supports entry into the field and helps grow a new generation of leaders committed to a more secure and resilient digital environment.

According to Margarita Kirilova, these efforts are sometimes still hampered by lasting gender stereotypes, which continuously shape educational and professional choices and paths. Cybersecurity is still widely perceived as “too technical” for women, with many being implicitly steered toward supportive or communication-oriented roles rather than technical or strategic positions. These assumptions begin early: many girls disengage from technology-related paths due to a lack of visible role models and supportive environments. Over time, this translates into slower career progression, lower confidence, and less frequent participation in decision-making processes.

To combat these stereotypes, we need relentless and coordinated efforts that attack the very foundations of systemic inequalities and socially embedded power structures. Visibility is key as showing real examples of successful women in cybersecurity inevitably challenges deeply entrenched stereotypical perceptions. Education and community-building are equally important – creating safe spaces for learning, asking questions, and developing skills can significantly improve retention and engagement. Mentorship is, of course, crucial, because intermittent access to guidance and support not only builds confidence but also increases resilience in an often-demanding professional environment.

According to Kirilova, Bulgaria presents a somewhat paradoxical case. The country has a relatively high share of women in mathematics, informatics, and technology. Yet, this does not necessarily bring a higher participation in cybersecurity. A major reason is that cybersecurity often remains “invisible” as a career path; it is rarely presented as a natural continuation of education in STEM. Instead, it is frequently perceived as a closed, highly technical area, dominated predominantly by men. This is confirmed by Mossberg and Zalis, who found out that “A majority of women (51%) report they don’t think “there is room for someone like me” in cybersecurity”.

Another thing that still needs to be resolved is the lack of accessible information about cybersecurity as a professional field. The absence of influential role models, accompanied with a deeply embedded “culture of non-belonging” can deter women from entering the field as well. Cybersecurity is viewed as a domain, which requires constant self-proving and work under pressure, which further contributes to this deterring effect, particularly for women who are just starting their careers.

At the same time, Kirilova shares, women are strongly motivated to enter and remain in the field because of the diversity of roles and specializations, the international nature of the profession, and, perhaps most importantly, the strong sense of purpose associated with it – cybersecurity is understood as being about protecting people, organizations, and democratic processes. Communities and mentorship networks are also playing an increasingly important role, offering visibility, support, and a sense of belonging.

Having more women in cybersecurity is not just about basic gender balance or representation, it is also about solutions to the serious and omnipresent cyber risks that abound as women also bring distinct and valuable perspectives to the field. Their approach is often more holistic, interdisciplinary, and human-centered, concentrated on patterns of behavior and the broader implications of technology for society. With respect to threat assessment and risk analysis, this often equals a more nuanced understanding, which goes beyond technical vulnerabilities to include considerations of the complex social context. As a result, not only more effective, but also more ethical solutions are brought to the table.

This is particularly important when it comes to efforts to address cyber and technology-facilitated violence against women and girls. A larger number of qualified women experts in more senior roles related to cybersecurity is not only about fairness – it is crucial for tackling cyber abuse more effectively. Often, women are more likely to recognize early signs of threats such as harassment, stalking, doxxing, and gender-based digital violence. From a technical perspective, their involvement contributes to tools and systems for protection, reporting, and prevention, which are more robust and better designed, reflecting real-world scenarios rather than abstract threat models.

Increasing women’s participation in cybersecurity is closely linked to improving digital safety and, more broadly, to reinforcing democratic resilience and the protection of human rights online. The absence of diverse perspectives – particularly of women and vulnerable groups who are strongly affected by cyber abuse – is not just about yet another gender gap. It also represents a limitation in effectiveness and a missed opportunity for resilience and innovation.