Organisations need more women, neurodiverse individuals and those from different cultural backgrounds to focus on cybersecurity to meet increased online security challenges.
Diversity & Inclusion (D&I) strategies, improved in-house training and alternative career paths can help meet the employment shortfall in cybersecurity.
As more companies modernise, streamline and speed up their processes through digital transformation, the cybersecurity risk increases. The need for greater investment in cybersecurity is becoming increasingly apparent, but the training and certification organisation (ISC)² estimates that by 2022 around 1.8 million cybersecurity jobs globally could remain unfilled. To meet this challenge, companies such as EY are looking at ways of widening the pool of job applicants to include more women, more neurodiverse individuals and those from culturally diverse backgrounds. Positive role models are needed to change the currently popular image of the cyber professional as the young male in the hoodie.
A process of defence
Indeed, cybersecurity is not simply a counterpoint to hacking, but rather a process of defence that can involve behavioural analysis as well as the search for technical solutions. It is important to recognise that the skill sets of project managers, for example, are transferable to a cybersecurity context. But for this transition, better in-house training capacity is essential. Such a focus on training to date has been lacking, compounded in the wider context by a lack of academic programmes dedicated to the subject.
Positive role models
EY has focused on creating multidisciplinary teams to better utilise the human resources that it has available. This includes a strong focus on women, who make up just 11-25% of all employees engaged in cybersecurity. To blaze the trail for other women to follow, EY is inviting inspiring women to the workplace to give talks about their careers. But efforts should amount to more than just tick-boxing and politically correct exercises. Governmental and NGO-led initiatives have been shown to significantly increase the share of women working in the field and thus increase available expertise. For example, in India, women comprise 34% of cyber professionals, in part due to government-initiated schemes that promote STEM education for women.