Diversity in the cybersecurity sector is an important and complex issue, but building a more inclusive and effective cyber security workforce is crucial to tackling growing cyber threats effectively.
A recent study by the World Economic Forum shows that 59% of global businesses would find it difficult to respond to a cyber security incident due to the shortage of skills. So, how can organisations make sure that they have a robust system and the right people inside their organisation to mitigate against the risks, as the world’s dependence on technology continues to grow?
As part of the ITN Business news-style programme ‘The Cyber Impact’, leaders within the cyber security industry addressed some of the key challenges linked to the skills gap in the sector.
Back in December 2021 the government published the National Cyber Strategy, which set out the UK’s place as a leading authority on cyber security. Diversity was a key pillar in that strategy.
(The) Viscount Camrose, Under Secretary of State in the Department for Science, Innovation and Technology, said: “Diversity obviously is a good thing, but in terms of cyber security, it’s also good because our assailants are very diverse. They come from this very wide range of spaces and have a wide range of motivations. And the broader our base of people who are working to defend us from that, the more secure we’re going to be.”
To help support companies in boosting diversity in their teams, the government has launched the upskilling cyber programme, a funded course designed to prepare individuals from a variety of backgrounds for roles in cyber security. In 2023, more than 4,700 people were enrolled in the scheme.
The cyber security landscape is highly dynamic and moves at a very fast pace, which makes it vital to tap into new talent pools and continue to grow and upskill the workforce in the sector.
“A lot of the changes that are going to come in the next 5, 10 years are going to come because of emerging technologies, particularly AI,” explains Viscount Camrose. “Now, all these emerging techs are dependent on a secure cyber environment. That means that the foundational layer of any growth in productivity or any growth in the economy that we’re going to see is dependent on cybersecurity.”
Investing in people and skills and fostering strong partnerships between academia, government and industry is fundamental to success.
Collaboration underpins diversity of thought and skills
The benefits of collaboration and knowledge sharing highlight the human element of cyber and the importance of the industry in addressing diversity at a holistic level. A challenge, BAE Systems is tackling head on.
Purvi Kay, Head of Cybersecurity, Governance, Risk and Compliance for BAE Systems, highlights how their approach to diversity of talent is enabling customers to have an advantage in decision-making and stay ahead of cyber criminals.
“If you think about how diverse the cyber threats are themselves, how sophisticated they are, we need the same diversity and sophistication in the people that are helping us tackle those threats,” he explains.
“When you think about that diversity gap, you think about gender, but there’s much more than that. Neurodiversity is one we are focusing on quite a lot right now because the behaviours and traits of neurodivergent individuals are so crucial for some of the cyber roles we need.”
Developing cyber resilience with an effective people strategy
Diverse recruitment practices such as balanced interview panels and focusing on potential rather than qualifications are one approach. Outreach programmes to engage with underrepresented groups and the increased provision of grants and scholarships is another tactic to boosting diversity.
The apprenticeship pathway is opening new opportunities for underrepresented talent. But, perhaps the most effective way to ensure barriers to entry are broken down is to encourage diverse individuals to pursue leadership roles in cyber security, providing a source of inspiration for balanced representation for the future.
In today’s connected world, everyone’s at risk from cyber criminals; individuals, governments, organizations, large and small — and the consequences of attack potentially devastating.
To find out more about the work being done by organisations in this sector, watch The Cyber Impact, an ITN Business programme produced in collaboration with UK Cyber Security Council and the International Cyber Expo.