A back-to-school plan for reaching the next generation of cybersecurity professionals
The cybersecurity landscape experienced a period of turbulence over the past eighteen months, as companies around the world quickly adopted remote and hybrid working models at the onset of the pandemic; beyond providing threat actors with new vulnerabilities to exploit, this shift challenged our expectations about where works happen and, more importantly, what workers are considered critical to a functional, stable society.
This, coupled with a series of high-profile ransomware attacks, has thrust cybersecurity into the spotlight.
Unfortunately, when it comes to diversifying the cybersecurity workforce, this flurry of coverage is too little too late in presenting the field as viable and economically rewarding.
The State of Things
Brookings Institute found that more than half of essential frontline workers – many of whom are Black (16%) and Hispanic (21%) – earn less than $20 an hour. Even if an essential worker were able to work 40 hours a week, every week, taking no holidays, they would earn a maximum of $41,600 – nearly a third of the average cybersecurity employee – while, at the same time, facing health risks which are not constrained to the current pandemic.
At the same time, today’s technology workforce does not represent the general populace – the Information System Security Certification Consortium ((ISC)²) found that just 9% of cybersecurity workers self-identified as African American or Black, 4% as Hispanic, 8% of Asian, and 1% as American Indian, Alaskan Native, and Native Hawaiian/Pacific Islander.
Unfortunately, there is little being done to address this head-on, as lower-income community members are more likely to choose a career – either consciously or unconsciously – from CISA’s critical infrastructure workforce with lower pay and a higher risk of exposure to the current pandemic than those who choose careers in cybersecurity due to the simple fact that the latter is lacking in visibility as an attainable and rewarding field.
Our shared challenges – with the total number of data breaches increasing every year since 2009 – in cybersecurity do not stem from inadequate financial investment; rather, they stem from a lack of diverse people with different life experiences working together towards the shared goal of improving security.