Information security industry at risk from lack of diversity

IT workers diversity

Unless the information security industry can embrace greater diversity -- in gender, age, ethnicity, disabilities and experience -- it will face a stagnating workforce and be unable to keep up with a rapidly expanding skills gap according to a new report.

The Chartered Institute of Information Security (CIISec) finds that 89 percent of respondents to its survey are male, and 89 percent over 35, suggesting the profession is still very much in the hands of older men.

Many organizations point to the need to develop specialist security skills as a reason for reduced diversity, as employees need the right technical background. Yet the majority of IT security professionals -- 65 percent -- still believe that the best way to develop security skills is to learn on the job. At the same time, many individuals will have already developed the skills needed by security in other careers, from attention to detail and identifying unusual patterns of behaviour, to the communication skills needed to drive security awareness and behavioural change in others.

"The expectation that security is purely a technical subject has led to a focus only on very specific individuals to fulfil roles," says Amanda Finch, CEO of the Chartered Institute of Information Security. "Even if we weren’t in the middle of a skills crisis increased diversity should be a priority, but the present situation makes it critical. Expanding the industry's horizons isn't only essential to make sure the industry has the skills it needs. It will give a whole range of individuals the opportunity to thrive in a new career, and in the long term protect the industry from stagnation by introducing more varied backgrounds."

86 percent of information security professionals expect the industry to grow over the next three years and 13 percent say it will 'boom' so there are clearly opportunities for new entrants whatever their background.

"If the industry starts to attract a more diverse range of people whilst spreading awareness of the opportunity available, we could be well on the way to truly modernising the industry," adds Finch. "Key to all this will be both organisations and individuals having a framework that can show exactly what skills are necessary to fulfil what roles. This will not only help hire the right people. It will also mean that it the routes to progress through an individual's career are clearly marked, ensuring that individuals who enthusiastically join the industry don’t over time become jaded or burn out due to a lack of opportunity."

Image credit: Mimi Thian/Unsplash

2 Responses to Information security industry at risk from lack of diversity

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.