The global cyber security workforce gap is estimated to be 4.07 million with 35% of organisations unable to fill open cyber security jobs to protect their assets.
Despite this gap and genuine need for both technical and non-technical people, the cyber security industry has a diversity problem. Which means, we’re missing out on the skills and knowledge from a large segment of the population.
A report commissioned by the UK Government in 2020 estimates that:
- 15% of the cyber security workforce is female.
- 16% of the cyber security workforce is from an ethnic minority background.
- 9% of the cyber security workforce is neurodiverse.
In general, the fact that diversity makes sense from a business perspective is no longer contestable. Not only have plenty of studies shown that diverse teams are more productive and innovative but, diversity also impacts the bottom line. For example, the 2015 McKinsey study on workplace diversity, Why Diversity Matters, showed workforce diversity results in distinct benefits on company performance; including, in the UK, a 3.5% increase in earnings before taxes and interest for every 10% increase in gender diversity. This hard evidence backs up the intuitive sense that diversity is ‘the right thing to do’.
Why diversity matters for cyber security
Cyber security is focussed on identifying threats and devising mitigations for them. Bringing diverse experiences and ways of thinking/working to these challenges will greatly increase the success and delivery rate of solutions.
Importantly, cyber security isn’t just about ‘technical’ roles. It needs a wide range of analytical, communication, engagement and problem-solving skills. Coding, hacking and engineering are—and will continue to be—critical skills for cyber. However, the well-known diversity challenges for these career streams—together with the perception that cyber only needs technical people—are two barriers that must be overcome for organisations to succeed in building a workforce that is representative of the problems it is trying to solve.
Why re-training/ upskilling is the right answer
With the UK cyber skills pipeline still highly problematic in terms of both numbers and diversity, the quickest and most cost effective—indeed, possibly the only—way to narrow the cyber skills gap and increase diversity, is to upskill existing staff, or applicants seeking to change careers, into both technical and non-technical cyber security roles.
With traditional recruitment, it’s easy to find candidates from the same ‘pool’ or those who fit a certain ‘culture’, but this doesn’t tap into the full potential of the workforce; many individuals from other sectors and careers have already developed key skills required in security, such as attention to detail, identifying unusual patterns of behaviour and the communication skills needed to drive awareness and behavioural change. Plus, a genuine interest/passion for security and data protection makes a big difference–you can teach cyber and information security skills, but you can’t necessarily teach someone how to care about cyber security.
Career conversion programmes enable organisations to recruit from this much wider pool and focus on the areas within the organisation that need key skills. This higher level of engagement during the process also keeps people within organisations longer once they’re in.
PGI Cyber Academy’s Career Conversion Programmes
The PGI Cyber Academy provides clients with reskilling programmes designed to train staff more effectively, increase diversity, drive hiring costs down and improve employee retention.
We have helped organisations of all sizes and types narrow their diversity and skills gap. We work closely with you to understand your operational requirements and design a training programme that reflects these. This is built around either specific job roles or a range of similar skill requirements.
The success of these programmes has already been demonstrated, including:
- A pilot of mixed-gender veterans from a variety of backgrounds wanting to transition into careers in the cyber security industry.
- Our Women in Cyber Initiative which focused on increasing the number of women entering the industry–successfully placing all participants into new cyber security roles.
- An industry-boosting training series for the banking sector in the Middle East, creating the next generation of cyber security leaders.
In each of these programmes, delegates from different—often nontechnical—backgrounds undertake dedicated skills development and learning for a defined period—often between 6 weeks to 6 months. Our expert training and mentoring provide the key skills and knowledge required to take on frontline cyber security roles.
100% of participants who completed PGI’s programmes are now in operational cyber security jobs.
Why work with the PGI Cyber Academy?
We work regularly with UK Government, international governments, partners and corporate clients to transition existing staff with aptitude, or to identify and recruit new talent into newly qualified cyber security practitioners, to begin working in the various domains the industry requires.
We have designed and delivered various skills development programmes that provide organisations with achievable life-long learning pathways through clearly defined education, enabling them to protect their own assets or provide their own clients with their expertise in defending against the cyber threat.
Find out more about our programmes or talk to our team about how we can work with you to narrow your cyber skills and diversity gap.
Insights
Fuelling the flames of misinformation - Digital Threat Digest
I remember when I studied the susceptibility to committing crime in my Crime Studies post-grad. According to research, many factors, ranging from cognitive biases, emotional vulnerabilities, to social environments, influence a person’s likelihood of committing a crime.
Hippo-critical behaviour - Digital Threat Digest
Last week, my social media feeds were filled with news of Israel's synchronised attacks in Lebanon, ranging from news updates and victim testimonies to Hezbollah memes and edgy tankie shitposting.
PGI joins WeProtect Global Alliance to strengthen the child safety online ecosystem
Protection Group International (PGI) is pleased to announce that it has joined WeProtect Global Alliance to support the creation of a safer online environment for children.