Q&A: Diversity holds the key to overcoming the cybersecurity skills gap
Human Resources

Q&A: Diversity holds the key to overcoming the cybersecurity skills gap

The cybersecurity industry is facing a recruitment crisis, with the Center for Cyber Safety and Education predicting 1.8 million unfilled positions by 2022. With women currently making up just 7% of the European cybersecurity workforce, many believe the key to plugging this talent gap is to encourage more women into the sector. Debbie Tunstall, Head of Education Programs at Cyber Security Challenge UK, talks about what can be done to attract more women into cybersecurity roles. 


What is Cyber Security Challenge UK and how did the idea for it come about?

There is an alarming gap in the number of skilled security professionals and in this sector, traditional engagement methods do not work. A game-changer was needed, so in 2010, our founder, Judy Baker, worked with the UK government, as well as partners in industry and academia, to create a new initiative focused on getting more people into jobs in cyber security by showcasing their talent and potential.

What began as one competition has now expanded to a series of competitions, events and programs to educate future generations of unique careers in cyber security and to help them secure jobs in the industry.

Now in its eighth year, the Challenge is backed by over 70 of the UK’s most prestigious public, private and academic organizations who, together, are beginning to tackle the worldwide skills gap issue. The Challenge works with individuals across the age spectrum – helping to inspire STEM subject choices and raising awareness of basic security and coding, through college, university and right up to those looking to change from an existing career path to one in cyber security. The Challenge makes a real difference to people’s lives, on an individual basis and towards a better future for all.


What are the biggest challenges facing the cybersecurity industry right now?

There are many issues facing the industry, but at the heart it is the speed and volume at which cyber threats are growing. In order to stay ahead of potential threats, we need to develop new technologies and also hire more people into the industry to innovate and work against potential threats.


Why do you think it’s so hard to recruit talent – especially women – into this sector?

The general recruitment problems faced in the industry often sit with a broken system. Many people in the cyber security industry will perform brilliantly in day-to-day jobs, but often they don’t have CVs that match HR departments’ tick boxes. There is a high proportion of people in the cyber security industry that are neuro-diverse but many of these candidates often struggle to make it past the interview stage. The best way to spot cyber talent is by seeing it in action – which is why we style our competitions and events in the way we do.

Classes are often full of males, which in itself is a barrier when we look at recruiting more women. Not many females want to be the token in the group, so making courses more appealing is a first step. Perhaps bursaries for females, women’s only technical debating societies, more female lecturers could be a starting point. The conversation should begin at school, with more young people being encouraged to take computer science as an ‘option’ throughout education.

This is an industry that is dominated by men, and as we all know, recruiters often seek out people who are like them in some way – the unconscious bias that is simply a human trait. Recruitment processes and practices need addressing to reflect this. It also has a fair proportion of men in the senior ranks who can have specific ways of working that some women find off-putting; we need a cultural change across the industry and a general acceptance that women are an asset to the sector. Females are different to men. They work and study differently and these changes need to be reflected throughout education and industry for anything to change moving forward.


How can we better promote diverse hiring policies in cybersecurity?

Stop following the current rules – they aren’t working. Organizations need to be open to finding general STEM graduates with the right aptitude for cyber security and be prepared to train them, instead of expecting them to be primed and ready. Security specialists shouldn’t expect a graduate to come out of university and hit the ground running. They need to nurture talent to be the best they can be.

There is also a job to be done by HR/marketing in making sure the full breadth of careers available are communicated externally. Very few companies place emphasis on advertising their cyber roles, particularly among younger audiences. We are now attending lots of national careers fairs helping to get the word out there about these roles, but we need industry to join us to create a bigger, louder wave.

Hirers should get out to networking events and competitions. Women don’t tend to ‘sell’ themselves like men do; so, a fresh approach to appraising someone rather than just reading a CV is needed.


Is it the responsibility of the government or the industry to push for these changes?

It’s a social responsibility and it’s happening now. We can see a shift in attitudes and behaviors already and this needs to continue. Women are starting to speak up with the expectation that they will be listened to – that’s a big change. It’s also the responsibility of industry – Government can do so much but this is too big a job to police, so industry needs to make sure they themselves are behaving responsibly. We also need to work together – instead of creating a new initiative or group within your company or community, look for ones that exist already, bigger groups can often make bigger changes.


What can be done to improve workplace opportunities for women and ensure companies are retaining their diverse employees?

Firstly, we must put women in positions of responsibility - ask them to organize weekly get togethers and drive the agenda and generally just help to empower them. We also need to ensure there is a high ratio of female managers and mentors available and train all executives about good HR practices for employees of all genders. Eliminating the gender pay-gap and ensuring that women are provided with a fair working environment that offers them all the same opportunities as their male counterparts is another thing we need to continue working towards. Finally, we need to allow for a greater amount of flexible working (regardless of gender). There’s a lot of brilliantly talented women (and men) out there with families who need flexible working. They have a lot to offer, just need to work in a different way.


«Alfresco Founder: Commercial Open Source is more than Old Stuff for Free


C-suite career advice: Benedikt von Thüngen, Speechmatics»
Charlotte Trueman

Charlotte is Staff Writer at IDG Connect

Recommended for You


How a Washington crackdown on Huawei could backfire for everyone

Phil Muncaster reports on China and beyond


5G is over-hyped and expectations need reining in

Dan Swinhoe casts a critical eye on the future


What can we learn from tech initiatives in the Middle East?

Keri Allan looks at the latest trends and technologies

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.


Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.



Should the government regulate Artificial Intelligence?