Security Staff Acquisition & Development

Five ways diverse teams can propel the cybersecurity profession forward

Today’s columnist, Sean Joyce of PwC, offers five ways companies can build more diverse cybersecurity teams. (Credit: Stock Photo, Getty Images)

The cybersecurity profession has been grappling with a few pressing issues: a growing demand for skilled workers, a seemingly constrained supply of talent, and a lack of diverse teams. These issues could pose a great risk to such a pivotal profession. But for forward-thinking organizations, it’s an ideal opportunity.

Working with diverse teams—no matter the industry—is not only right for society, but it’s also right for business. Diverse and inclusive teams allow for different perspectives, creative thinking and open collaboration—all key ingredients to produce an effective cyber team.

As cybersecurity professionals, we are in the problem-solving business. New ideas and perspectives are essential to protect against evolving threats and crucial to executing creative solutions. Bottom line: diverse teams are stronger and lead to better outcomes.

Here are five suggestions for finding the skilled talent to round out a cybersecurity team:

  • Lead with transparency.

Last fall, PwC released its Purpose Report—an evolution of the company’s inaugural D&I transparency report—and in it we elaborated on PwC’s purpose and inclusion story, provided an update on our firm’s diversity KPIs, outlined several key initiatives to help foster an even more diverse and inclusive environment, as well as the goals we’re working toward. As a global cybersecurity business, we recognize there’s a larger role we can play in these efforts. While we’re proud of the progress we’ve made, we recognize that we’re still not where we aspire to be—and that’s OK. Recognizing the work we have ahead of us is the first step in this journey. Committing to diversity, equity and inclusion and leading with transparency helps hold us accountable and keep us on the right track.

  • Broaden the candidate pool.

The demand for skilled cybersecurity talent currently far outpaces the workers available. If leaders commit to fostering diversity through recruitment and retention, they can expand the pool of candidates they’re looking at and help solve for this gap and hire top talent.

Organizations can do this by working with different diversity-focused organizations and institutions. For example, businesses can work with Historically Black Colleges and Universities (HBCUs), or offer targeted scholarships and internships to underrepresented groups.

Companies also often overlook a talent pool of workers who are Skilled Through Alternative Routes (STARs). Many of these workers, who only possess a high school diploma or equivalent, have the skills to perform higher-wage work today. As of 2021, there are some 70 million STARs in the U.S. It’s a vast and diverse pool of candidates: 62% are African American, 55% are Hispanic, and 50% are non-Hispanic white. Companies that take a more holistic view of hiring and look beyond surface-level on-paper qualifications, schooling and certificates can tap into this valuable segment of the workforce.

  • Build retention through inclusivity.

It’s not enough to just recruit diverse talent. Match focused recruitment strategy and efforts with proportional retention efforts. Affinity groups remain an important part of this effort. By creating spaces for employees with common identities and backgrounds to build relationships, firms can foster a more inclusive company culture, which increases retention of top diverse talent. Senior members of these groups can also evolve as advocates for the firm to recruit and retain talent. Leaders can become champions for new diverse talent, and help them develop their careers by becoming mentors. At PwC, groups created to bring together Black and Latinx individuals, women and veterans, among others, offer important outlets for support and collective action.

  • Upskill for the future.

To build diverse teams, companies need skilled talent. It’s our responsibility as leaders to make sure our teams are well equipped with the skills they need for the future. That’s why we’re investing in our own people. PwC’s Global Cyber Academy is an opportunity for everyone within the PwC network worldwide, no matter what territory they sit in, to develop skills in the exact same way. These are life-long skills our people can take with them throughout their careers—wherever their journey takes them. This investment not only helps our firm bring the strength of our people, capabilities and technology to support our clients in building trust and developing sustained outcomes, but it also helps build trust and strengthen the cybersecurity profession.

  • Plan for tomorrow.

A diverse, inclusive workforce helps drive better outcomes for our clients and elevates business growth and the broader economic development of our society. Ultimately, the work of a cyber professional is to build trust within the business and with clients and consumers. The business’s cyber function begins at a trust deficit if it doesn’t reflect the diverse composition of its stakeholders. Although we have more work ahead of us, in my more than 30-year career, I am inspired by the strides we’ve made recently, and I am hopeful that we can continue to drive more meaningful change.

Sean Joyce, global cybersecurity and privacy leader and U.S. cybersecurity, risk and regulatory leader, PwC

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.