Diversity in the Security Industry

Article - IT
By Stephanie Garey|3rd April 2023

The recent GDS Security Summit brought together more than 100 senior security leaders to discuss the challenges, opportunities and shifts happening in the current climate. Many themes came up throughout the three days including data compliance, cloud security and the human element. But one theme that really shone through was the need for diversity in the security industry.  

Frost and Sullivan’s Center for Cyber Safety and Education’s recent report found that while minority representation within the cybersecurity field is slightly higher – at 26% – than the overall USA minority workforce at 21%, the study reveals that racial and ethnic minorities tend to hold non-managerial positions. It shares that this results in pay discrepancies, especially for minority women, which is a challenge. Furthermore, according to Cybersecurity Ventures, the global cybersecurity workforce – short some 3.5 million workers in 2021 – is only 25% women.  

This is just a short snapshot of the state of diversity in the industry right now. So, what were some thoughts from our experts in the security field from the GDS Group summit? 

Borders 

When it comes to finding diverse talent, we really need to do our research on what other countries are doing to stay ahead of the game. During a panel discussion about the talent shortage, Michael Beaupre, the Head of Cyber Security at Hays explains, “we need to research salaries across industry in other countries to make ourselves competitive, because the experts go where the money is, the borders don’t matter to them.”  

 

 

And maybe in your organisation’s quest to find more diverse talent, the boarders shouldn’t matter so much to you either. Especially as 57% of cybersecurity professionals themselves believe that diverse teams lead to more effective problem-solving, and they don’t necessarily have to have all the right experience either. 

Experience

Experience seems to be the biggest piece of this puzzle. We need to change our mindsets on looking and waiting for this ‘perfect candidate’. Instead, we should be creating fuller teams that cover all skills and experiences needed to function fully. Nihal Newman, Director of Network Security at Ofcom shares during the panel, “I’ve learnt it’s so hard to find that one ‘single unicorn’ person who has all the skills I’m looking for. So, you can bring all the skills together across the entire team. In particular, the policy skills, the stakeholder engagement, because there’s so much influencing, communicating, and bringing those into the team. And collectively you then have that single unicorn.” 

And Michael adds “we often constrain ourselves by experience requirements, certification requirements, language requirements, country requirements, industry requirements.” 

“We’re killing ourselves like that. We need to look for talent in potential, and not just in skills and industrial experience.”
 Michael Beaupre, Hays 

Neurodiversity

One of the more hidden diversities is neurodiversity. Nihal explains “it’s so important because there are so many neurodiversity’s, and people with certain skills that we’re not tapping into. Strength and skills around problem solving data analysis is often brilliant.” So, finding and tapping into those different ways of thinking is essential. 

We must also create the right space, and the right culture for everyone and their diversities to thrive. Nihal explains, “having quiet spaces so people can focus is essential, as is developing the knowledge in our organisations and teaching people that there are new norms and ways of working now.” Yes, indeed we shouldn’t think historically that this is how we’ve always done it, and these are the stereotypical people we want to have in the organisation now evolve ourselves so that we’re bringing the talent in.  

Culture

When it comes to culture and security as a whole – it plays a huge part in diversity. Nihal explains “we need to look outside of security being just an IT issue. Once you do that, you automatically start broadening opportunities for talent that you can bring into your organisation. Because when security is in the culture, you start looking at people with leadership skills, and other crucial business skills, people who understand the risks from all perspectives.” 

Off the beaten track

There is a lot of untapped talent out there. Given that the global cybersecurity workforce was short 3.5 million workers in 2021, we need to go and find that talent. John Graham-Cumming, Chief Technology Officer at Cloudfare makes the great point around ensuring your teams have all walked different paths.  

“It should be blindingly obvious that we should be striving to have diverse backgrounds. We often think about gender, sexual orientation, or race, but we should also be thinking about the path they’ve taken.” 
John Graham-Cumming, Cloudflare 

The pathways people take are what make them unique, increase their problem solving and give different insights into how to world works. 

John continues “cybersecurity is an ever-changing world, with ever changing adversaries and threats. And so, the only real way to cope with that is to be someone who has a high degree of curiosity and wants to learn and also is able to look at a problem from an interesting angle. And you only get that with you have a diverse team of people.” 

So how do we find diverse talent?

John advises, “it’s about being open minded about who you’re looking for. And what that means is not looking for a specific experience or a specific skill set that you’ve done before because people can learn anything. Be open minded about the route to which someone’s taken.” Yes, you’re really going to have to go look for those people because they’re probably not going to present themselves and they are likely to rule themselves. John explains one way to get them to present themselves though, and that’s through rethinking job descriptions.  

“It’s important how you write job descriptions and ads for jobs to make sure people don’t automatically exclude themselves. Because if you put in there a long list of must have’s that Ivy league degree, and x amount years of experience, then what happens is people will knock themselves out of the running very early, and especially people who are from a diverse background.” 

Nihal also shares, “we work with organisation’s like the Cyber Security Council. They’re thinking about security in the broadest perspective. They’re thinking about general cybersecurity, they’re thinking about risk management, they’re thinking about governance.” 

And some final, sage advice from Nihal. “I’ve experienced myself as a woman is when we look at a job spec, we think ‘Oh, there are ten things, but I can only do five.’ Please, for the women out there today listening to this, if you feel you can do five of the ten, look at your transferable skills, how you can leverage them and what you can bring to the role. Because that is what I did. That is how I recruited 40% of the women in my team. They are not from a cyber background, but they bring skills in the team that nobody else brings, and that helps us collectively as a team thinking about the problems that we’re trying to solve today.” 

So why not join us in the conversation? To learn more, you can listen here to a conversation with a hacker. 

Or join us at a GDS summit. They’re tailored, 3-day virtual event conferences that bring together business leaders and solution providers to accelerate sales cycles, industry conversations and outcomes. Regarding the security digital summits 83% of solution providers said the overall experience of the digital summit they attended was ​above average or excellent and 83% of solution providers said they would be interested ​in sponsoring future events.   

For more, click here to hear from attendees on how GDS has helped them to achieve their business outcomes.   

Continue the debate at GDS’ security digital summits where we bring together senior security executives who are actively seeking to share, learn, engage, and find the best solutions. Apply to attend.   

By Stephanie Garey|3rd April 2023
Back to insights

Related content

View all
IT
Article

The GDS Summit attendee experience

What is a GDS Summit and how can attending help you to deliver success?
Sapphire Smith
Find out more
IT
Article

Chat GPT:Learnings from the first six months

OpenAI’s ground-breaking large language model is proving a game-changer for businesses everywhere. So, what have we learned thus far?
7 minute read
Ben Thompson
Find out more
IT
Article

Why do so many transformations fail, and what can you do about it?

We’re all transforming, to a greater or lesser extent. But that doesn’t mean we’re all doing it well. So what does good look like? And how do we avoid
7 minute read
Ben Thompson
Find out more
IT
Stories

Twilio build over $11 million in attributed pipeline through suite of GDS Experiences.

Find out more
IT
Article

Wrestling with data: How WWE built a data-driven empire

Best known for its superstar wrestlers and all-action entertainment, WWE has – quietly but surely – established itself as a true sports data and analy
9 minute read
Alex Wood
Find out more
IT
Stories

SecureWorks positions itself as a trusted advisor 

Find out more
IT
Stories

Pipeline generation and unlocking the c-suite for Deep Instinct

Find out more
IT
Article

Five Steps to Building a Resilient Enterprise:The Broadcom Perspective

We look at five steps for organizations to take to build more resilience as highlighted by Nicole Fagen, Director of AIOps and Automation at Broadcom.
5 minute read
Jade Gamlin
Find out more
IT
Article

From digitalization to business value creation:Five steps to navigating the transformation journey

Read about the realities, expectations, success factors and investments needed to achieve true business for digital transformation delivery.
Jade Gamlin
Find out more

Related events

View all
GDS Roundtable Environment with host, Kristina
IT
Roundtable - America

Confidently migrate enterprise applications and workloads to Google Cloud

25th September 2023 09:00 - 10:30 EST
Find out more
GDS Roundtable Environment with host, Ben
IT
Roundtable - America

Unlock the power of generative AI in transforming banking

25th September 2023 10:30 - 12:00 EST
Find out more
GDS Roundtable Environment with host, Ben
IT
Roundtable - America

Unlock the power of generative AI in transforming banking

25th September 2023 11:00 - 12:30 EST
Find out more
GDS Roundtable Environment with host, Kristina
IT
Roundtable - America

Your cybersecurity strategy: securing the future of CPG success

26th September 2023 09:00 - 10:30 EST
Find out more
GDS Roundtable Environment with host, Ben
Digital
Roundtable - Europe

The key ingredients for winning with customer experience

26th September 2023 13:30 - 15:00 CET
Find out more
GDS Roundtable Environment with host, Kristina
IT
Roundtable - America

Lessons from the trenches: successful deployment of collaboration tools in financial services

28th September 2023 10:00 - 11:30 EST
Find out more
GDS Roundtable Environment with host, Kristina
IT
Roundtable - America

A look at how today’s most successful companies are succeeding in disrupting markets with a product mindset & approach

29th September 2023 09:00 - 10:30 EST
Find out more
GDS Roundtable Environment with host, Kristina
IT
Roundtable - America

How always-on compliance creates strong trust and brand reputation

2nd October 2023 10:30 - 12:00 EDT
Find out more
IT
Summit - North America

Digital Innovation Digital Summit: New technology to drive business innovation

3 - 5th October 2023 08:00 - 10:50 GMT
Find out more