Photo: Carlos Delgado CC BY-SA 3.0, from Wikimedia Commons
By John Connolly
Seven cyber training initiatives which are aiming to improve diversity and boost the number of people working in security have received funding from the Department for Digital, Culture, Media & Sport (DCMS).
The schemes, which focus on training underrepresented groups in cyber skills, are CompTIA, Immersive Labs, PGI Cyber Academy, the National Autistic Society (NAS), UK Cyber Security Forum Community Interest Company (CIC), Youth Fed and the Integrate Agency CIC.
They will be financed by the Cyber Skills Immediate Impact Fund (CSIIF) which was created in February this year to support the government’s aim of nurturing and improving home-grown cyber talent in the UK.
Each of the initiatives has a different focus but will look to lower the barriers to entry into a cyber career and improve the security skills of neurodiverse individuals, young adults, lone parents, women and people from a range of diverse backgrounds.
The Cyber Security sector has traditionally suffered from a lack of diversity. To give one example, less than 11% of the global cyber workforce are female, and women are nine times less likely to hold managerial positions than men.
Meanwhile, large organisations and the public sector are increasingly complaining of a cyber skills shortage, with 51% of large enterprises saying in 2018 that the lack of skills available to them is problematic. As the sophistication of online attackers grows and the impact of poor cyber security becomes catastrophic, this inability to hire and find new security talent is quickly becoming an existential threat for organisations looking to protect themselves from attack.
Improving access for underrepresented groups is seen as a logical step towards overcoming this problem. Diverse individuals represent a rich pool of potential talent which has not yet been tapped into and if they can be encouraged to enter and return to the cyber security field, many of the problems around hiring could be solved. As a knock-on effect, diverse workforces have been shown to work together more effectively, and by bringing together people with more varied life experiences, better able to overcome new challenges.
The National Cyber Security Centre (NCSC) certainly believes this, and has led the way on a number of cyber initiatives which aim to improve diversity in their own workforce.
Nicola Hudson, NCSC director of communications, speaking at CyberUK 2018 in Manchester argued that diverse teams are best placed to tackle security threats:
“We need to bring together people from a range of disciplines and backgrounds to work together on this. We also need to bring to bear the widest pool of talent that we possibly can and that means we need a much more diverse workforce.”
“Without true diversity we are in danger of group-think, behaviour challenges and quite frankly we will not tap into the skills we need.”
While this will be a formidable challenge for the cyber security field in the years to come, the seven schemes supported by the CSIIF should be applauded for their attempts to open up exciting security opportunities to those who have previously been left out in the cold.