The diversity dilemma in cyber security
Organisations today are more digital than ever, which has meant that, cybersecurity is now one of the most important ingredients for success. And with the average cost to remediate a data breach now estimated at $3.86 million, it’s an expensive thing to get wrong.
For the UK, the NCSC has long been an institute of cybersecurity, supporting businesses’ cyber prevention, innovating by introducing new technology and building the next generation of ‘cyber-stars’. The latter mustn’t be overlooked as we hurtle towards a digital-first economy where business conversations and transactions predominately take place online.
A particular challenge, that not just the NCSC but the entire tech sector face, is the lack of diversity amongst tech professionals. Less than one in five tech workers are female, compared with 49% across the whole UK economy.
With the number of girls applying to the NCSC’s online courses rising to 60% this year, there is cause for optimism. But that’s just one group of people that need more representation.
There is a wider diversity issue. More can, and should, be done.
A different way of thinking
Although the latest figures show that we are heading in the right direction, there’s still a significant disparity between young female and male professionals entering cyber security roles. The harsh truth is that there aren’t enough women in the technology industry overall.
And as cyber criminals become increasingly creative and savvy in their approach to attacks, businesses have had to digitise during the coronavirus pandemic. Access to a wider talent pool should therefore be seen as a solution, not a mere tick-box exercise.
By embracing different groups of people with a variety of ideas and ways of thinking, organisations can ultimately create diverse and inclusive teams that can better understand and tackle the complex online world.
In turn, a well-trained and diverse cybersecurity team can not only prepare for the future, but stay ahead of emerging cyber security threats that may manifest from technologies such as AI and 5G, and through the new ways of hybrid working that have become the norm during the COVID-19 pandemic.
Hold yourself accountable
A lack of awareness of the opportunities that exist and an often flawed and inaccurate perception that some groups do not belong in the cybersecurity sector, has contributed to a shortage of women in the industry.
At Fujitsu, taking an active role in eradicating the gender pay gap is one way that we know we can make a difference. It’s why we actively published our figures well ahead of the original April 2017 deadline and have continued to do so every year since then; last year we reduced the median gap from 15.6% to 11.6%.
The cyber security skills gap is too large for organisations to ignore with a reported 3.5 million unfilled positions expected by 2021. And we’re determined to see our long-term strategy through and hopefully increase the talent pool for all future generations.
Starting from the ground up
Research tells us that the cybersecurity workforce needs to grow by an estimated 145% to close the skills gap and help better defend organisations. What this also tells us is businesses alone cannot make a change.
It needs to be a shared responsibility for government, academia, law enforcement and organisations to educate students who may not ordinarily pursue a route in cyber security.
It’s exactly why we worked with the University Technical Colleges across England to launch the UTC Cybersecurity Group, and then partnered with two Welsh colleges alongside Admiral and Thales to forge new pathways into cybersecurity for tomorrow’s generation.
By raising awareness of cyber security careers at an early age, we can introduce younger students – of all backgrounds and genders – into the industry.
It’s ultimately down to all of us to ensure the NCSC’s impressive numbers of girls enrolling into the sector doesn’t become just another forgotten stat.
Fiona Boyd, Head of Enterprise and Cyber Security at Fujitsu
Responses