​The stereotypical hoodie-laden basement-dwelling male hacker is a media favorite, and a far cry from those working in the cybersecurity industry today, mostly.

Just as the Matrix franchise vilified AI forever, the media representation of cybersecurity professionals has served to alter public opinion for the worst, but amid policy changes and trillions of dollars’ worth of infrastructure funding, the limelight is beginning to unveil the reality of the situation.

Visibility

When stigma distorts the outside perception of the industry, barriers start to emerge – the doors to a lucrative and rewarding career become firmly locked, and for many, completely invisible.

Opening these opportunities and making cybersecurity careers viable for everyone means advocating for visible representation in the space.

In a digital world where most of the population interact within at least some capacity, cybersecurity is a topic that effectively concerns everyone, therefore the entryway into the space should be visible to all.

Demystifying the industry by showcasing the diverse leadership that does exist in the space can normalize cybersecurity as a career, acting as a catalyst to draw it out of the shadows and populate the industry with new talent.

The lack of diverse talent represents a perpetual cycle that seeks to widen the digital skills gap: A lack of industry diversity is not enticing for a diverse generation of candidates.

Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency (CISA) is a fierce advocate for representation in the industry, and it’s an industry that needs empowering and inspiring figures at the very top. Women make up only 24% of the cybersecurity workforce in the United States, a figure that Jen Easterly wants to drive to 50% by 2030.

Normalizing Cybersecurity as a Career

Cybersecurity professionals aren’t all the eerie, ethereal types that reside in the unknowable reaches, they’re defenders that protect the well-being of a global humanity.

The onus falls on the industry to be transparent about their work, an aspect of the field that’s traditionally been hindered by poor communication.

An IT degree isn’t necessarily essential in understanding the very real, tangible threat of cybercrime and what it represents, yet many stray from learning more because of the heavy association with technical language.

Terminology changes (threat actor instead of a hacker for example) have a role to play in making this field more accessible and preventing a strenuous relationship between the security professionals and business leaders.

Widening the Talent Pool

Hiring managers that seek to build new cybersecurity teams need to take their access to the talent pool into account. Turning to their referral network will likely not be enough to fill the gaps, at least not if they fail to account for the wider market availability.

Third-party recruiters are uniquely placed to grant access to the wider and much more diverse talent pool, one that can enable companies to draw from outside of their network and pinpoint talent with different backgrounds and experiences.

Access to a wider talent pool is essential in the race to fill in the gaps that are rapidly emerging, partly thanks to burnout. There was a 400% increase in the rate of cyberattacks during the pandemic, but despite this increase, resources remained scarce.

Burnout leads to attrition, and this affects cybersecurity professionals of every level, including vastly experienced industry leaders.

When 50% of private sector companies report cyber skills gaps, filling in those gaps requires widening the search for talent, demystifying the industry, and diversifying the workforce, among a host of other factors (mainly to do with funding). It’s not as though the talent doesn’t exist.

There’s no quick fix either. Companies can focus on internal mobility should they be prepared to invest in the right training and practice patience.

The U.S. cybersecurity industry seems to be on a precipice of sorts as it hurtles toward the future.

Companies will need to better understand the talent market, advocate for diverse and inclusive working environments, and place much greater value on the skills of cybersecurity talent to make real, positive headway in the space.

CISOs don’t automatically have a seat at the table in the same way a CTO does, and this will undoubtedly need to change to establish a stronger bond between businesses and their cybersecurity security functions, enabling a greater level of informed decision-making.

It takes a diverse team with diverse behaviors and diverse ways of thinking to arrive at an effective solution for the ever-present threat actors.

If you need some help on your own quest for new talent, or you’re searching for your next career calling in the world of cybersecurity, reach out to the team at Broadgate today, we’d love to be a part of your journey.

Normalizing Cybersecurity as a Career

Cybersecurity professionals aren’t all the eerie, ethereal types that reside in the unknowable reaches, they’re defenders that protect the well-being of global humanity.

The onus falls on the industry to be transparent about their work, an aspect of the field that’s traditionally been hindered by poor communication.

An IT degree isn’t necessarily essential in understanding the very real, tangible threat of cybercrime and what it represents, yet many stray from learning more because of the heavy association with technical language.

Terminology changes (threat actor instead of a hacker for example) have a role to play in making this field more accessible and preventing a strenuous relationship between security professionals and business leaders.