As 2022 gets underway, different COVID-19 variants keep businesses focused on cybersecurity issues across hybrid working models. However, an ongoing issue that could threaten efficient protection for businesses remains the ongoing shortage of talent for cybersecurity roles. Indeed, recent research by Harvey Nash Group has revealed a shortfall of 10,000 people a year in the UK’s cybersecurity talent pool alone.
To make up for that shortfall, the cybersecurity industry needs to correct the evident gender disparity that continues to be an issue for the sector. For example, it was recently found that women only make up roughly one in four jobs in cybersecurity. While some progress has been made to correct the disparity, including several organizations launching initiatives to address this (women in cybersecurity scholarships, for example, or GCHQ’s CyberFirst Girls Competition, with a shout out to the 2022 winners!), fully correcting gender disparity in cybersecurity, and hiring more women into cybersecurity roles needs to be a priority for the industry this year.
Changing Industry Perception
Cybersecurity often has the perception that it is solely focused on the lone ranger sitting in a darkened room, responding to the “bad guys.” In terms of attracting talent, this may not appeal to those who are searching for a career that is people-focused and being part of a team. The issue of not having enough women represented in cybersecurity positions ultimately boils down to the industry not doing a sufficient job in explaining how broad and attractive the industry really is for potential employees.
The industry needs to speak about cybersecurity beyond the default “attackers” and “ransomware” elements to remedy this. Cybersecurity roles involve a range of interesting responsibilities, including product development, technology architecture, people’s behavior/usability, business impact, risk management and trade-offs, as well as situation management. To address these elements, the industry must have a broad and diverse set of skills on board. This is why the industry must change its siloed perception to attract new talent and address the lack of women taking on roles in the industry.
Without Addressing Gender Disparity, the Industry Risks Building Solutions That Don't Provide the Security We Need
If there is no diversity in the product life cycle in cybersecurity, organizations could build products that don’t meet the market needs. Similarly, without a diversity of voices in the sector, the cybersecurity industry could potentially develop solutions and responses inadequate for protecting all consumers and businesses. As IT continues to encroach into our daily lives, the industry needs to make sure that it is designing, building and solving security problems that address how the general population works, thinks and lives. The World Economic Forum outlined how a lack of diversity blinds us to how attackers can impact businesses and rob the cybersecurity industry of the talent and engagement of essential parts of the global population. Furthermore, a lack of different perspectives saps the industry’s energy and ability to look ahead to future threats. It’s therefore integral that the industry begins to appeal more broadly to women. This is incredibly pertinent now, as cybersecurity is becoming one of the greatest challenges of the modern digital era, with cyber-attacks being in the top ten biggest risks for businesses globally, according to the Allianz Risk Barometer.
To overcome the issue of gender disparity in the industry, cybersecurity needs to evolve its perception to attract the broad range of talent required to protect consumers and businesses from cybersecurity threats. Cybersecurity needs to promote the range of roles and responsibilities available – and shift away from just being focused on ransomware and attackers. Without addressing the gender disparity across all cybersecurity roles, the industry will never fulfill the current talent shortage, thus posing a threat to businesses. Solving this gender gap will help navigate the recruitment shortfall and provide much wider benefits to the industry.