With the National Cyber Strategy Workforce Development Implementation strategy release just around the corner, the conversation around increasing diversity within the cybersecurity industry has never been more prevalent. With 3.5 million open cybersecurity roles, it is clear that a larger pool of qualified applicants is important, and that hiring more diverse professionals will benefit everyone. Progress has been made – according to a new (ISC)² study, 66% of new entrants into the cybersecurity field in the U.S., UK, and Ireland over the last year are not white.
It is no secret that the technology industry as a whole has been largely dominated by a homogenous workforce, but the millions of unfilled cybersecurity jobs around the world may be the linchpin for change. The Center for Cybersecurity Policy and Law is releasing our whitepaper, “Diverse Perspectives, Stronger Defenses: Growing the Cybersecurity Workforce Through Diversity.” The paper explores the ways that a diverse cybersecurity workforce can promote stronger security outcomes both by increasing the number of candidates and by channeling broad perspectives, lived experiences, and creative ways of thinking to work on cybersecurity’s most pressing challenges.
The current demand for cybersecurity professionals far outweighs the number of qualified professionals available to fill the open positions. Filling those vacancies with diverse professionals who possess different cultural and professional backgrounds will bring unique insights regarding different types of attacks or vulnerabilities, leading to more effective threat identification and prevention.
Threat actors are continuously seeking to exploit our increasingly connected world through cyber-attacks that impact the entire global community. The cybersecurity workforce will be best positioned to defend against the rising severity of digital threats when it reflects the diverse nature of the threat actors themselves can help challenge conventional thinking and produce innovative methods for countering cyber threats.
There are many ways that companies are making cybersecurity more accessible to a wider set of potential cybersecurity professionals, throughout the professional lifecycle. From innovative educational programs to rethinking rigid hiring processes, from looking for nontraditional candidates to empowering the workforce companies have already hired, companies are working to hire more and more diverse professionals. The paper spotlights current actions being taken by relevant companies in the cybersecurity industry and proposes tactics for retaining and uplifting a diverse workforce.
The cybersecurity industry is facing a significant gap in the workforce which affects the ability to deter and disrupt malicious actors. Bringing in people with diverse perspectives and lived experiences will allow the cybersecurity community to harness the power of collective knowledge and cultural awareness. A diverse cybersecurity workforce will be better equipped to adapt to the ever evolving threat landscape and the sundry of threat actors dwelling all over the world.
Read Next
The U.S. and UN Cybercrime Convention: Progress, Concerns, and Uncertain Commitments
The U.S. issued an updated position seeking to move forward the UN Convention Against Cybercrime, a treaty intended to improve the global community’s ability to combat evolving cybercrime threats.
The Counter Ransomware Initiative with Hamish Hansford (DCP S2 E8)
In the latest Distilling Cyber Policy, Alex Botting and Jen Ellis are joined by our second-ever Australian guest: Hamish Hansford, the Deputy Secretary of Cyber and Infrastructure Security Group at the Australian Department of Home Affairs.
Counter Ransomware Initiative Adds Private Sector Members
Earlier this month, more than 68 countries and organization members met for the fourth annual International Counter Ransomware Initiative (CRI), which included the addition of a public-private advisory panel.