To fill the cybersecurity skills gap, the sector needs to boost diversity

In the cybersecurity industry, there are currently two major issues that need to be addressed as soon as possible: first, the global cybersecurity skills gap; and second, the lack of diversity in the cybersecurity workforce. Studies have shown that 3.4 million people are needed to fill the global cybersecurity workforce gap. A survey by the World Economic Forum found that 59% of businesses would find it difficult to respond to a cybersecurity incident due to the shortage of skills. Data from 2022 showed that the problem is getting worse, with the workforce gap increasing by 26.2% compared to 2021.

At the same time, the cybersecurity sector has a pronounced lack of diversity. Women are underrepresented in STEM (Science, Technology, Engineering and Math) jobs generally, and in cybersecurity specifically, women only make up an estimated 24% of the workforce. Minority representation within the cybersecurity field is around 26%. To fill critical positions, the industry needs to address this.

Our research into the cybersecurity skills gap has found that it has a negative impact on organizations, increasing the likelihood of security breaches and the loss of money and reputation. Cybersecurity incidents are having a greater impact on the global economy than ever before with close to $600 billion, nearly one percent of global GDP, being lost to cybercrime each year. Frequent attacks to the global supply chain, including fuel and food, affect our everyday lives. Our research also shows that the number of new ransomware variants identified in the first half of 2022 increased by nearly 100 percent compared to the previous six months.

Many people may believe that they can't pursue a career in cybersecurity because they need years of experience or a highly technical background. In reality, the cybersecurity field offers opportunities for nearly everyone. Training and certifications can help individuals gain the necessary technical skills to pursue careers in the field. IT recruiters need to understand this, and extend opportunities to candidates from diverse backgrounds who may not have a traditional cybersecurity-professional career trajectory.

Organizations can benefit in a range of ways from hiring people from underrepresented groups, such as women and veterans. The benefit of hiring veterans is that they often possess the right mindset: teamwork, leadership, service, and ability to problem solve under pressure, among other qualities. Greater diversity can also help to bring diverse perspectives to tackling challenging problems. Female leaders can bring experience and technical skills to the table, but also those essential soft skills, including analytical, communication, and interpersonal skills. For example, women have higher rates of entry from self-learning (20%) compared to male counterparts (14%). Research shows that the more diversity you have in your teams, the more effective they are going to be.

There are already efforts by global organizations with programs in place to hire more individuals from underrepresented groups: 75% of organizations have formal structures to recruit more women and 59% have strategies in place to hire minorities. Additionally, 51% of organizations already have efforts in place to hire more veterans. But employers and hiring managers still need to focus on retaining diversity through career growth opportunities and promotion, as well as recruit by partnering with organizations focused on enabling women, veterans and others to build careers in cyber security.

Continued learning and professional development are key for career growth in the cybersecurity sector. There are free resources available for people looking to advance their skills or enter the field. The Cybersecurity Learning Hub, founded by Salesforce, Fortinet, the Global Cyber Alliance and the World Economic Forum, is democratizing access to cybersecurity education by providing free training and resources for individuals to begin their cybersecurity careers, as well as raise awareness about how to stay safe in the digital world. The Hub has already trained over 122,000 individuals across all continents.

A career in cybersecurity can be a great choice for job seekers – or anyone considering a career change – knowing there will always be a demand for cyber skills. In 2020, the World Economic Forum Future of Jobs Report suggested that 50% of all employees will need reskilling by 2025, with 40% of workers’ core skills expected to change in the same period. With the right training and support, cybersecurity could offer people from underrepresented groups much-needed employment opportunities.