The shortage of skilled workers in IT has been a serious problem for years, especially for smaller businesses in less affluent regions that struggle to find trained employees to fill open positions. This hinders the management of day-to-day operations and stops companies from implementing important digital transformation projects. A perennial lack of women in IT only serves to seriously exacerbate the problem for an industry crying out for talent, limiting opportunities for women at all levels.
However, the current pandemic may offer an opportunity to accelerate the pace of change. Lockdown and social distancing have driven most of the workforce into the home office and turned many working parents into part-time teachers. What was once considered unthinkable in the professional environment is now accepted as human: the delivery person rings the doorbell during the meeting, children show up at the desk demanding attention, and cats find their way in front of the camera.
We can expect this shift to remote work to continue even after we overcome the crisis. Through the change in dynamic, many hope that this will improve the work-life balance of employees and help eliminate two important problems in IT: the lack of skilled workers and increase the number of women in the industry.
Looking specifically at cybersecurity – one of IT’s major growth industries – underlines the depth of the problem, and also the potential opportunity for all stakeholders. According to new research by (ISC2), the worldwide workforce cybersecurity shortage now stands at 3.12 million in 2020 – down from over four million last year but still a huge number and a continuing source of difficulty for organisations looking for talent. However, for women, the challenge is more acute with Exabeam’s own annual Cybersecurity Survey, revealing that 21% of respondents self-identified as women. Although up from last year, the data illustrates a huge deficit still exists across the sector.
The value of diverse talent
Like many industries, cybersecurity needs to accelerate efforts to bring more women into roles at every level, from those at the very start of their careers to more established, experienced professionals. For example, a major obstacle for many women in returning to work after an extended career break is flexibility, because after their maternity leave, in effect, they find themselves balancing two full-time jobs. However, part-time roles tend to be a rarity in IT and security, and, up until now, requests to work from home have been frowned upon in many workplaces. And whilst maternity leave isn’t the only reason for someone to take a career break, the industry has a clear opportunity to utilise technology and focussed programmes to help talented people come back to or join the fold.
Not new, but still scarcely seen are Return To Work programmes. Originally started within larger organisations, they were designed to pave the way for women to return to work in their previous company after having a baby. Since then, they have often been expanded to all women after a long break for a wider range of situations. Some larger enterprises have also started offering more comprehensive supportive programmes advertising permanent roles with part-time/flexible working to attract skilled women.
These initiatives usually combine flexible working times with training, mentorships, communities and other support. However, they remain few and far between, and often limited to larger, global enterprises. Smaller organisations can nevertheless make themselves more aware that integrating women into the organisation can be beneficial and can solve the skills gap with experienced employees that can bring enormous benefits to employers.
Then there are those people who have existing transferable skills. There’s a growing trend, for example, for cybersecurity professionals to cross-train from IT, such as people with experience of helpdesk roles. The creative and helpful mindset that works well in these cases and the IT knowledge they bring provides an ideal foundation for a security career. It’s incumbent on the industry to ensure that these opportunities are presented equally to everyone, irrespective of gender and where they happen to be on their career path.
Similarly, security automation is becoming a major growth area in the sector, helping professionals more easily address the mundane aspects of their job and support them to do more valuable tasks. This will open up specific ‘security automation’ roles that won’t focus on the technical know-how. Instead, they require logical thought processes to understand what is happening on a higher level. These roles could be ideally suited to women who can leverage cross-functional skill sets from previous roles.
A diversity opportunity
So where does that leave us? As remote work seems likely to remain an option in most organisations, and in many places the long term ‘now (not so much ‘new’) normal’, senior managers now have a better opportunity than ever to diversify their workforce by recruiting talent from anywhere in the world. The benefits are increasingly well understood, with diverse teams bringing creativity and new perspectives to industries such as cybersecurity. And whilst diversity is a much bigger topic overall, women typically possess a high level of emotional IQ and empathy, which can boost team collaboration, and studies have shown that diverse teams make better decisions 87% of the time.
Despite the huge challenges created by COVID-19, the impetus it has created behind working cultures with better balance, greater flexibility and more empathy may well provide a welcome additional boost for women across IT in general and cybersecurity in particular. Those organisations that act now to build and maintain equality in cybersecurity and the wider IT industry will be much better placed to insulate themselves from the skills gaps that may well grow further in a recovering, post-pandemic economy.
Samantha Humphries is a Senior Security Strategist at Exabeam. She has been entrenched in the cybersecurity industry for over 20 years – helping hundreds of organisations recover and learn from cyberattacks, defining strategies for pioneering security products and technologies, and as a regular speaker at security conferences worldwide. In her current regeneration, Sam is part of the global product marketing team at Exabeam, where she has responsibility for anything that has “cloud” in the name.
