Diversity in cyber
According to a recent study carried out on behalf of the Department for Digital, Culture, Media and Sport (DCMS), 22% of the cyber security workforce (versus 51% of the overall population) in the UK is female. Although this figure is rising, gender isn’t the only thing to consider when creating a diverse workforce.
The DCMS also reported that those from a Black, Asian, or minority ethnic background make up 25% of the same workforce (versus 18% of the total population), up from 16% in 2020, which is encouraging to see.
Cyber attacks impact all of us – and so the sector should reflect society in its workforce. This must include those from varied socioeconomic, geographic, academic, and professional backgrounds, and those who are neurodivergent or with additional needs as well.
There are so many ways that organisations can increase diversity, and a number of great initiatives are already in place.
Think outside the box
There’s no one route into a career in cyber, and by considering potential employees from non-technical backgrounds when recruiting, organisations will have access to a larger pool of talent. Not only does this increase the chances of finding the right candidate for the job, but also brings more varied skill sets into any organisation.
The DCMS found that while over half of cyber employees surveyed came into cyber as an experienced hire or career switcher, only 19% entered as a school leaver, or via apprenticeship or graduate scheme. Although this is a great start, those hiring for cyber roles should recognise that relevant experience doesn’t necessarily come from a university degree.
There are bootcamps and other online resources that can train people who don’t have a technical background or a university education, so don’t discount people based on their career or studies to date.
For those who are unsure about how to make the switch, or start their career in cyber, there are a number of events during CyberScotland Week. For example, The UK Cyber Security Council and Skills Development Scotland is hosting an interactive webinar to discuss the various routes into a career in cyber security, as well as sharing tips on how to progress and upskill.
Similarly, look beyond your local area. A recent ONS study found that since the lifting of lockdown restrictions, 71% of those working in tech were still working from home. This means organisations and employees no longer need to limit themselves geographically to attract top talent. Not only does this broaden the pool but gives the added benefit of flexibility to the cyber workforce.
Managing the balance
Attracting a diverse workforce is only half the battle. If your organisation’s culture isn’t inclusive and doesn’t prioritise a healthy work-life balance, then you risk losing talent quicker than you find it.
Particularly with younger members of the workforce, they’re looking for roles with a strong work-life balance. By making sure that your people feel supported to balance their busy work schedule with everything else in life, you open yourself up to attracting talent that may have otherwise felt a career in cyber was not for them.
The 4-day workweek is a great example. Enforcing a change this large can be hard, and won’t work for all sectors, but can bring a huge range of benefits to employees and employers alike. The Scottish Business Resilience Centre has just completed a successful trial and put its success down to including employees throughout the process.
There are other ways to promote a healthy work life balance too, by creating a family-friendly work environment, offering flexible leave and enabling open communication to create a healthy work environment for all employees from all backgrounds and walks of life.
Break away from ‘groupthink’
In bringing together a diverse workforce, you open yourself up to a host of benefits including improved problem-solving and innovation; a more balanced decision-making process, and greater resilience to cyber threats – all thanks to varied perspectives and experiences.
Recently, Glasgow Caledonian University, Cisco and Scotland Women in Technology established a partnership to inspire and encourage women to keep learning and increase their career options in digital and cyber security by offering short course scholarships.
If this sounds daunting, remember you’re not alone. There’s a wider movement to promote diversity and inclusion in the cyber sector.
The CyberScotland Partnership provides organisations with the tools to educate all employees from all backgrounds. From free guides introducing cyber security, to professional qualifications, the CyberScotland Partnership pulls together resources from across the network to make it as easy as possible to find the support needed.
By providing training, mentoring, and other support to women, ethnic minorities, and other under-represented groups, these initiatives and organisations are helping to increase the diversity of the cyber security workforce and ensure that the field is accessible to all.
As well as support for organisations, there is a range of support available for individuals considering a career in cyber, such as the career advice session from ScotlandIS during CyberScotland Week.
Working in cyber is for everyone; those of us in positions to engage with the next generation of talent must stay open to creating as diverse a workforce as possible if we are to combat the ever-rising threat of cybercrime.