The Cyber Dawn
Cyber Talent GapCybersecurity

The Root Cause of Untapped Talent in Cyberspace

Dawn Kristy

The US labor market appears to be broken and the root cause is the hiring system.

Automated Resume-Scanning Software

The recent article by The Verge highlights a new report from Harvard Business School that finds automated resume-scanning software is contributing to a “broken” hiring system in the US.

Resume-scanning software is mistakenly rejecting millions of viable candidates, say the Harvard study’s authors. The result is “hidden workers” — individuals who are able and willing to work but remain locked out of jobs by structural problems in the labor market.

For those of us who have our hearts and careers invested in cyber protection and cyber risk solutions, this news is heartbreaking.

With the uptick in cyberattacks over the past two years, we need a shift to fill the cyber talent gap – cybersecurity, cyber innovation, cyber education, cyber law, cyber insurance, and cyber reinsurance – to name some of the sectors vying for new talent.

The ethical and philosophical questions about the US labor market can be fully addressed in scholarly papers. The reality is that in cyberspace, we are falling short when it comes to broadening our perspective to become more diverse, equitable, and inclusive.

TechRepublic illustrates the opportunities for positive results if cybersecurity companies attract diverse candidates.

Women will hold 25% of cybersecurity jobs globally by the end of 2021, according to a projection by Cybersecurity Ventures. That’s up from 20% in 2019, the firm said. Meanwhile, only 12% of Black professionals worked as information security analysts in 2020, according to the U.S. Bureau of Labor Statistics.

Meanwhile, a 2019 (ISC)2 study found that the global cyber workforce will need to grow more than 145% to meet the demand for professionals. 

Diverse cybersecurity teams are important because they consistently prove that they are capable of greater innovation, creativity, and productivity, according to Zaira Pirzada, principal, advisory at Gartner, which helps the organization and its clients. The research by Gartner finds that a diverse workforce improves performance by 12%, and it increases an employee’s intent to stay with an organization by 20%, Pirzada said.

“Diversity also fosters creativity, reduces fear, and helps solve complex problems through the inclusion of a variety of perspectives,” she said. While it might seem counterintuitive, there is no shortage of diverse candidates for cybersecurity roles, but there is a skills shortage, Pirzada noted.

Job Description Failure

Yet, Gartner finds that “security leaders artificially limit their talent pool by overburdening their job search with narrowly-defined qualifications,” Pirzada said. Instead of requiring that a candidate possess a litany of certifications and potentially unnecessary technical experiences, security leaders should broaden their search and look for diverse candidates with varied skill sets, she said. 

Ian McShane, field CTO at security operations software provider Arctic Wolf, agreed, saying that unconscious bias, poorly written job descriptions, and preconceived notions of what is required for security jobs are not only deepening the skills shortage but a diversity shortage in the industry as well.

Much of the issue is self-imposed, McShane added, and organizations must reframe their expectations of who can fill roles and what skills are required for addressing today’s cybersecurity issues.  

The words used in job descriptions are impacting people who are applying for the roles, he said. It’s important to specifically mention what the person will do day-to-day. That way, “someone’s life experiences might line up with those tasks,” McShane said.

Culture Reset

To attract diverse candidates, organizations should commit to working on themselves and their culture first, and work with their employee resources groups and diversity, equity, and inclusion teams to enhance their cultural understanding, Pirzada advised.

Leaders should consider partnering with HR to look outside of their traditional hiring networks. By casting a wider net and broadening their search to less traditional environments, security leaders can conduct a more equitable and less biased job search, Pirzada said. 

It is time to move beyond filling a square with a square, allowing a circle to join an organization and expand the horizons of the entire team in the process.

Featured image (top) by RF._.studio from Pexels

Dawn Kristy

I am a nationally recognized thought leader and cyber subject matter expert. I advise clients and executives on how to bridge the gap between IT, business, and communications strategy with difficult cyber, privacy, or emerging risks, I collaborate with experts and clients on risk management, data management, and compliance in various industry verticals, including financial services, healthcare, manufacturing, construction, logistics, law, and federal government contracting.

You May Also Like

Women Helping Women In CyberSecurity (WiCyS)

Dawn Kristy

Cyber Insurance Solutions adds Dawn Kristy, JD, as Business Advisor

Dawn Kristy

WiCyS Annual Conference

Dawn Kristy

Leave a Reply