Lynn Dohm
Executive Director, Women in CyberSecurity (WiCyS)
Technology is integral to daily life, elevating the importance of a skilled cybersecurity workforce. While many reports call out a talent shortage, improving inclusion could improve retention and recruiting.
One challenge every organisation faces today is the critical shortage of cybersecurity professionals. This October, the ISC2 released its 2023 Cybersecurity Workforce Study, showing a record gap of 4 million professionals.
Dwindling talent in cybersecurity
As technology becomes increasingly intertwined with everyday lives, that gap will continue to expand, compounded by retention issues. Gartner estimates nearly half of cybersecurity leaders will change jobs by 2025 (25% leaving for completely different roles). Not only is the need growing, but the field is also losing talent at an unacceptable pace.
Building the workforce pipeline is overdue
Investing in cybersecurity talent is vital, and many colleges and universities offer programmes to develop cybersecurity skills. Nonprofits, such as Women in CyberSecurity (WiCyS), are also building the pipeline by including groups frequently sidelined in the information technology and cybersecurity fields.
These organisations add diversity of gender, ethnicity and culture to resolve the issue of underrepresentation in cyber but also offer mentor/mentee programmes, conferences and career fairs, professional development programmes and many other resources to expand opportunities. Training diverse individuals to fill openings in the workforce is a critical first step to resolving the workforce shortage.
Investing in cybersecurity talent is vital,
and many colleges and universities offer
programmes to develop cybersecurity skills.
Retaining cybersecurity talent
As important as adding underrepresented groups to the cyber workforce is, it’s not the only change needed. It’s also essential to plug the leaky pipeline: all the individuals who join the cyber workforce but choose not to stay.
According to WiCyS’s State of Inclusion of Women in Cybersecurity report, many women feel excluded in terms of respect and professional growth. Simply hiring women and minorities is not enough; organisations must put initiatives in place to ensure greater inclusion in both word and deed. Women and underrepresented individuals need to believe that they not only belong but can thrive and advance in cybersecurity careers.
These changes will not only improve the cybersecurity workforce shortage but also provide the truly diverse mindsets needed to break up the existing groupthink mindset to address the challenges of today and tomorrow.
WiCyS is collecting data for the next industry benchmark report — register for a workshop to help expand the study.