Who is best suited to identify a problem, a security breach, or the most impactful and innovative technology which will redefine how we manage threats? How you answer these questions just might define the trajectory and makeup of the future cyber workforce.
While the tech sectors have traditionally been dominated by white middle-class men, the tides are quickly shifting. Increasingly organizations are turning to a more diverse and inclusive approach to hiring practices in the cyber community.
Maybe this is to appease new social norms or (better yet) to better understand evolving cyber threats. Either way, the result is a more inclusive workforce better equipped to meet the pragmatic needs of global enterprises and mom-and-pop businesses alike.
Why has cyber traditionally been a boys club?
To find a just solution and mitigate the inequality in cyber it helps to understand the reasons how we got here. The World Bank, in their event titled “Women and Cybersecurity: Creating a More Inclusive Cyberspace” broke down many of the core factors which have traditional hinder women, as well as minorities from freely entering the cyber workforce. Among the most significant factors impacting employment are:
Industry perception and culture which promote white and male candidates
Societal and family constraints
Barriers to entry due to limited digital and cyber literacy
Wage gaps & missed or delayed promotions
Exclusion from the upper echelons of the corporate world — despite often having higher levels of education and certification than men.
While some of these elements of strictly ingrained in organizational culture other factors can be resolved through improved cyber education, increased access to mentorship, and a blind application process. To better meet expanding security needs of digital enterprises worldwide, businesses are in dire need of the best-qualified cyber candidates on the market, regardless of gender, ethnic background, or sexual orientation.
To fill the employment gaps totaling nearly 600,000 in the US alone, it is essential to use solutions based approached to broaden the workforce and give opportunities to previously overlooked applicants.
How can we make cybersecurity more inclusive?
From redefined hiring practices and community engagement to building lasting partnerships with higher education and the military, many practical steps can drastically change the face of the cyber workforce.
Implement a blind recruiting process.
By stripping away any superfluous or identifiable characteristics from a resume that are not related to the job candidates, core expectations and the individuals are judged more equitably. The origins of blind recruitment date back nearly five decades and at notable results.
“Following a racial discrimination case against the New York Philharmonic in 1969, by the 1970s, many orchestras employed blind auditions. A follow-up study by researchers at Harvard and Princeton found that blind auditions increased the chances of women being hired by 25–46%.”
In cyber, blind recruiting can eliminate many of the institutional biases preventing women and minorities from getting a fair chance at employment.
Enhance community engagement
Partnering with community leaders, local grassroots organizations and the next generation of cyber talent businesses can foster the growth of high-paying jobs within the community. By understanding how to ingrain cyber-heavy businesses with local talent and building the infrastructure to support essential skill-building programs, everyone wins.
Just like any member of the broader community, cyber professionals increasingly value the role and ability to impact the trajectory of gifted students and at-risk youth while creating a feeder system for cyber jobs. community engagement provides the added benefits of expanding the local workforce pipeline and motivating the next generation of the very real career opportunities in cyber.
Public-private partnerships promoting STEM, increased higher education focuses on practical cyber skills, and expanded employment opportunities, all driven by community engagement can make a very real difference in the demographics of the cyber community.
Utilize transitioning members of the military
The military offers a unique feeder system of highly motivated and tactically minded professionals who can make an immediate impact on any security analysis. By giving returning veterans a chance to use their battlefield experience to the benefit of the cyber community, employers utilize critical thinking and threat analysis capabilities rarely seen by incoming applicants.
With the extent of open cyber positions plaguing organizations globally, returning veterans can fill a glaring need while diversifying the workforce and bringing their tactical experiences to real-world problems in the business world. Veterans, more so than nearly any other group can make an immediate impact on understanding and prioritizing real-world threats to make effective decisions that save data and operational security.
What can be gained by making cyber more inclusive?
The expression goes everything looks like a nail when the only thing in your toolbox is a hammer and the same is true about the lack of diversity in cyber. Without a reflective pool of talent analyzing cyber threats and mitigating data loss an organization suffers. In essence, when your team is singularly guided by one vision or approach to risk management, other threats or potential solutions to various issues can be glossed over.
Diversity demands a range of critical thinking methodologies which can improve risk management and seek innovative solutions- quickly- to an ever-expanding range of issues impacting an organization's security posture.
By giving more candidates a fair chance to get their feet in the door, fostering effective dialogue with community leaders and organizations to set the groundwork for a cyber workforce pipeline, and utilizing some of the best qualified and most tactically minded returning warriors, the cyber community can vastly expand its ranks to include the best tent for the position.