Bridging the talent gap in cybersecurity
Bridging the talent gap in cybersecurity

Major companies are investing to increase diversity in their workforce, says recruiter Domini Clark.

The talent gap in technology came into sharp relief in 2014 when Google, Yahoo! and Apple, among other industry leaders, started releasing data on diversity among their employees. All three companies are investing in increasing diversity and they are making progress, but the problem won't be solved overnight. As you might expect, the problem is particularly acute in cybersecurity, where the scarcity of talent is hard to over-estimate.

According to the Bureau of Labor statistics, of the employed adult population, about 47 percent are women, 12 percent are African-American, 16 percent are Hispanic and 5.8 percent are Asian-American. In contrast, the National Cybersecurity Institute reports that women make up only about 20 percent of that profession and African-Americans, Hispanics and Asian-Americans combined make up only 12 percent.

Make your environment welcoming – If those industry giants are challenged, what can the rest of us do? A good first step is a long, hard look at your own organization. Even if there is no active discrimination, lack of diversity can make cybersecurity departments look like good ol' boys clubs, further discouraging members of under-represented groups from pursuing careers in this space. 

Leaders in the field need to make a point of integrating and welcoming women and minorities, ensuring that they are engaged, contributing members of the team. “Women at the senior level are beacons for other women,” says Elizabeth Ames, the Anita Borg Institute's senior vice president of marketing, alliances and programs. Undoubtedly this is true for people of color as well.

Outreach and engagement – Another strategy is to promote outreach programs that engage women and minorities. According to the Wall Street Journal, big banks like J.P. Morgan Chase and Citigroup are getting results through programs targeting different groups. Some have even started “re-entry” programs to attract women who took a career break to care for dependents or others.

You might post openings on job boards of associations and magazines, like the National Black MBA Association, Ascend Pan-Asian Leaders, National Association of Professional Women, Association of Latino Professionals for America, and others. For entry-level roles, recruit from colleges and universities that have large numbers of students from underrepresented groups.

Enhance your employment brand – Members of under-represented groups can promote their own interests by getting involved with organizations like the Women in Security special interest group within ISSA, Women in Technology (WIT), Blacks in Technology (BIT), the International Consortium of Minority Cybersecurity Professionals (ICMCP), and others. Your company should also get involved in these kinds of organizations to establish a reputation for supporting diversity in cybersecurity.

According to Sharon Florentine of CIO.com, two other big issues are: access to and the cost of training. Even entry-level classes can cost thousands. However, organizations like Cybrary.it and SANS CyberAces are trying to fight that by offering free online courses covering the most current topics. 

Women and minorities should be encouraged to explore cybersecurity at a young age. Melinda Gates, for example, recently launched a new initiative to attract and retain women in tech fields, citing a “leaky pipeline” in education as a key issue. According to her, solutions have to start at the elementary school level. If your company has an opportunity to attend career events at high schools and even middle schools, be sure to promote the field. If you can send employees who represent the target demographics, so much the better.

The demand for cybersecurity talent will continue to grow, and it is in everyone's interest to promote growth on the supply side.


Domini Clark is a recruitment partner for leading national recruiting firm Decision Toolbox, specializing in information security and IT roles. Domini is also the founder of InfoSec Connect, the first hassle-free recruitment communication platform exclusively serving the information security community. She has been involved in professional recruiting for more than fifteen years, working in both technical and operational recruiting for Fortune 10 organizations, small and medium sized businesses and federal government contractors. 

Tom Brennan is senior writer at leading nationwide recruiting firm Decision Toolbox. For more than a decade, he has played an integral role in developing strategic marketing materials designed to attract top candidates for Decision Toolbox clients.