Benefits of a Multicultural Cybersecurity Workforce

As was the case for the American workforce during World War II, the enormous dearth of talent in the cybersecurity industry presents unprecedented opportunities for women and minorities to fill the jobs gap. According to a new (ICS)2 study, “Innovation Through Inclusion: The Multicultural Cybersecurity Workforce,” minorities represent only one-quarter (26 percent) of the cybersecurity workforce. With nearly 2 million jobs that need to be filled over the next five years, hiring a more diverse workforce is essential to address the ever widening projected workforce gap.

But there’s a difference between hiring to fill positions and embracing a multicultural workforce. We need only look back through history to see the ill-effects of a we want you, but we don’t really value you approach to hiring. Women and minorities came out in droves to answer the call for help during WWII, but when the war was over, society returned to discrimination as usual.

Numbers Tell a Story, but Not a Pretty Tale

As has been the case for women in security, 32 percent of cybersecurity professionals of color who participated in the survey reported that they have experienced some form of discrimination in the workplace.

One of the most notable racial distinctions was in compensation. The study found that Caucasian workers were more likely to receive a salary increase within the past year, as compared to other races and ethnicities. Salary discrepancies are rooted in either conscious or unconscious forms of gender, age, ethnic or cultural discrimination, with gender and ethnicity being the most common seeds of unfair treatment.

Another key finding from the study: “Employment among cybersecurity professionals who identify as a racial or ethnic minority tends to be concentrated in non-management positions, with fewer occupying leadership roles, despite being highly educated.”

Despite representing a significant portion of the cybersecurity workforce, minorities are underrepresented in senior roles. Yet, those minorities who have climbed the ladder and worked their way into leadership positions hold higher degrees than their Caucasian peers. Compared to the 50 percent of white or Caucasian professionals in leadership, 62 percent of minorities in similar roles hold a master’s degree or higher.

It’s worth noting that minority representation in the cybersecurity industry is slightly higher than the overall U.S. minority workforce, which is only 21 percent. Still, the industry must do better. We need to shake this perception that cybersecurity is a predominantly White Boys Club for reasons that extend beyond ensuring equal opportunity for all.

Benefits of a Multicultural Workforce

Recognizing that the current cybersecurity workforce is undersized and aging, it’s incumbent upon industry leaders to move from a reactive to a proactive posture when it comes to workforce composition, said David Shearer, CEO, (ISC)2.

The first step in being proactive is to look toward the future. The new people coming into the cybersecurity profession will be millennials, who are the largest and most diverse generation of our time. “Should not the workforce start to be reflective of the main feeder source of talent?” Shearer said.

Organizations need to proactively begin to change the narrative and do away with the perception that cybersecurity is an industry that does not embrace diversity. “We should start to see a shift,” said Shearer, “because a multicultural workforce is reflective of the population and organizations need to proactively embrace sustained succession planning.”

McKinsey & Company reviewed 180 publicly traded companies and found some startlingly consistent benefits of having a diverse leadership team. “For companies ranking in the top quartile of executive-board diversity, Returns on Equity were 53 percent higher, on average, than they were for those in the bottom quartile. At the same time, Earnings Before Tax and Interest margins at the most diverse companies were 14 percent higher, on average, than those of the least diverse companies.”

But a multicultural workforce delivers more than financial benefits, and inclusion is not merely a solution to a supply and demand problem. “There’s also the fact that a diverse workforce does a better job at solving problems,” said Shearer. Ultimately, we want to field the most diverse team that is better equipped to deal with the global challenges we will continue to confront.

Kacy Zurkus

Avatar photo

Kacy Zurkus

Prior to joining RSA Conference as a Content Strategist, Kacy Zurkus was a cybersecurity and InfoSec freelance writer as well as a content producer for Reed Exhibition's security portfolio. Zurkus was a regular contributor to Dark Reading, Infosecurity Magazine, Security Boulevard and IBM's Security Intelligence. She has also contributed to several industry publications, including CSO Online, The Parallax, and K12 Tech Decisions. During her time as a journalist, she covered a variety of security and risk topics and also spoke on a range of cybersecurity topics at conferences and universities, including Secure World and NICE K12 Cybersecurity in Education. Zurkus has nearly 20 years experience as a high school teacher on English and holds an MFA in Creative Writing from Lesley University (2011). She earned a Master's in Education from University of Massachusetts (1999) and a BA in English from Regis College (1996). In addition, she's also spoken on a range of cybersecurity topics at conferences and universities, including SecureWorld Denver and the University of Southern California.

kacy-zurkus has 62 posts and counting.See all posts by kacy-zurkus