Workplace diversity in IT and cybersecurity has become a key operation concern, according to headline figures from a study of 1,250 UK and Dutch businesses, conducted from (ISC)² – the world’s largest nonprofit association of certified cybersecurity professionals.
The study into workplace and hiring diversity in IT/ICT and cybersecurity roles, revealed that organisations had broadened their efforts to encourage diversity and inclusivity amid the impact of the sector’s skills shortage on recruiting and retaining staff in those roles.
Diversity in IT
Talent acquisition and retention are the main reasons companies have been ramping up their diversity initiatives, according to (32%) of respondents. Meanwhile, nearly a third (29%) added that diversity is important to their organisation because the workforce should represent the demographics in society.
The study, which looked at the diversity of age, gender, ethnicity and origin, revealed that nearly three-quarters of organisations surveyed (74%) introduced a diversity value or programme in the last two-to-five years. On top of this, a further 16% have followed suit in the last 12 months.
“Workplace diversity encompasses multiple factors including gender, ethnicity, age, origin and much more,” said Deshini Newman, Managing Director EMEA at (ISC)².
Deshini continued: “The cybersecurity challenge of combating threats with the right people and the right skills is a relentless one. It is just one reason why organisations must maximise their ability to entice and keep talented and qualified individuals from all corners of society.
“Bringing new ideas, experience, alternative thinking and approaches to the table, as part of a broad selection of skills, experience and backgrounds can inspire, motivate and help organisations to find innovative solutions to today’s IT and security concerns.”
Diversity being driven by HR, not the board
Overall, 40% of survey respondents stated that the HR department is the primary driver of diversity and inclusivity efforts, including measuring employee diversity goals. This compares to just under one quarter (23%) who said it was the senior management team and just 10% that said it was the C-suite driving diversity initiatives.
Amid the demand for skilled and qualified cybersecurity staff, the study confirmed that efforts to improve the hiring prospects for these roles are helping overall efforts to recruit. While diversity in hiring is prevalent across the organisations surveyed, IT and cybersecurity make up a major part of the overall diversity hiring push.
Nearly two-thirds (60%) of respondents said that up to 20% of the current vacancies in their organisations are IT and/or cybersecurity-based. A further quarter (26%) said these roles constituted between 21-50% of their workforce.
Hiring cybersecurity roles
Over three quarters (77%) of respondents said that cybersecurity roles were recruited for in their organisations in the last 12 months. The number of roles filled ranged from 1 to 31 across the responses, although nearly 55% of the respondents said that up to 10 cybersecurity staff were hired by their organisation over the last 12 months. Meanwhile, 18% said that between 11 and 30 roles were hired in the last year.
Over a third of respondents (37%) say just 6-20% of their IT department employees are aged 18-21, while an additional third (35%) say none of their IT department employees are aged 18-21. This indicates a struggle to bring enough new talent into the department that can learn from their experienced peers. This is critical when considering that the IT department has an age diversity profile weighted towards older employees. One quarter (24%) said that up to half the IT department staff in their organisation were aged 31-40, with 20% of respondents suggesting that up to 35% were aged 41-50.
(ISC)2 will release its full IT and Cybersecurity Diversity whitepaper in July. For more research on the Cybersecurity workforce, please visit their website.