EDITOR’S QUESTION
WHY IS A DIVERSE
WORKFORCE SO
IMPORTANT IN
CYBERSECURITY
AND HOW CAN
ORGANISATIONS
ADDRESS CHALLENGES
AROUND THIS?
//////////////////////////////////////////////////////////////////////////////////////////////////////////
T
he IT security industry is still failing
to attract workers beyond a highly
limited demographic, the Chartered
Institute of Information Security (CIISec)
has warned.
Unless it can embrace greater diversity
– in gender, age, ethnicity, disabilities
and experience – it will face a stagnating
workforce and be unable to keep up with a
rapidly expanding skills gap.
According to the Enterprise Strategy Group,
the number of organisations reporting a
problematic shortage of cybersecurity skills
has increased every year since 2015.
At the same time, CIISec’s survey of
information security professionals showed
that 89% of respondents were male and
89% were over 35; meaning the profession
is still very much in the hands of older men.
If the diversity issue isn’t addressed, then
not only security, but future development of
the cybersecurity industry itself, will suffer.
Many organisations point to the need to
develop specialist security skills as a reason
for reduced diversity, as employees need the
32
INTELLIGENTCIO
“
IF THE DIVERSITY
ISSUE ISN’T
ADDRESSED,
THEN NOT ONLY
SECURITY,
BUT FUTURE
DEVELOPMENT
OF THE
CYBERSECURITY
INDUSTRY ITSELF,
WILL SUFFER.
right technical background. Yet the majority
of IT security professionals (65%) still
believe that the best way to develop security
skills is to learn on the job.
At the same time, many individuals will
have already developed the skills needed
in security in other careers, from attention
to detail and identifying unusual patterns
of behaviour, to the communication skills
needed to drive security awareness and
behavioural change in others.
“The expectation that security is purely a
technical subject has led to a focus only
on very specific individuals to fulfil roles,”
said Amanda Finch, CEO of the Chartered
Institute of Information Security.
“Even if we weren’t in the middle of a skills
crisis, increased diversity should be a priority
but the present situation makes it critical.
“Expanding the industry’s horizons isn’t
only essential to make sure the industry has
the skills it needs. It will give a whole range
of individuals the opportunity to thrive in
a new career and, in the long term, protect
the industry from stagnation by introducing
more varied backgrounds.
“If the industry starts to attract a more
diverse range of people while spreading
awareness of the opportunity available,
we could be well on the way to truly
modernising the industry,” concluded Finch.
www.intelligentcio.com