Upcoming Events
Skills, Talent and Diversity updates
Sign-up to get the latest updates and opportunities from our Skills, Talent and Diversity programme.
The need for more diverse perspectives to promote more innovative solutions
For some time now, the industry has been lacking the requisite skills around cloud security, data security, and application security, specifically across the mid and senior level. Part of the reason is that cloud architectures and the more distributed systems we see today has created new attack surfaces that require specialised skills to secure. Here, there is a real shortage of engineers who are well-versed in techniques like cloud access security, cloud encryption, and micro-segmentation.
With vast amounts of sensitive data now being collected and analysed, skills in data security governance, database activity monitoring, and data loss prevention are also lacking. Unfortunately, entry-level cybersecurity hires often lack the soft skills needed for organisational collaboration, communicating cyber risks, and enabling behavioural change. At the same time, due to advanced persistent threats evolving so rapidly, mid and senior level professionals skilled in threat intelligence gathering, dark web monitoring, and understanding the attacker mindset are also rare. Shortages also exist in digital forensics and incident response skills like log analysis, reverse engineering malware, and determining root causes.
An evolving skills gap
The rapid pace of technological change has expanded the scope of vulnerabilities beyond recognition. Cloud, mobile, IoT and AI adoption have all massively increased risk, vastly expanding the expertise required to secure a modern organisation.
Educational programs are, unfortunately, failing to keep students’ skills current with technological change. More public-private partnerships, certification programs and continuing education are needed.
How diversity can help fill the gap
There is no doubt that more diverse perspectives promote more innovative solutions, so should be encouraged. Homogenous teams reinforce blind spots that attackers can exploit. Whereas teams incorporating diverse backgrounds provide cognitive diversity to imagine novel defensive approaches.
The industry needs to tap into underrepresented talent pools through inclusive hiring initiatives. Unfortunately, many women or minorities with aptitude for cybersecurity roles still face unfair barriers to entry. Intentional, equitable hiring is vital to accessing and developing untapped talent.
A diverse age range should also be encouraged. Blending junior energy and new approaches with senior experience creates vibrant, balanced teams that nurture skills development.
How organisations can do more with less
To help fill the skills gap, organisations should look to cross-train staff to handle multiple roles. Employees skilled across functional areas can improve response coordination while reducing costs. Not being afraid to employ remote workers can also help to access wider talent pools cost-effectively. Such remote models provide access to skills globally without relocation costs, improving diversity too.
Organisations should also look to invest in upskilling current staff on the latest technologies. It always costs less to upskill internally than replace staff. Prioritising continuity and growth of institutional knowledge will pay dividends. Finally, make sure to prioritise spending on the highest risk areas. With limited resources, focus should be on capabilities securing the most critical business assets and processes.
Authors
Tim Freestone
Tim Freestone joined Kiteworks in 2021 and brings over 15 years of experience in marketing and marketing leadership, including demand generation, brand strategy, and process and organisational optimisation. Tim was previously Vice President of Marketing at Contrast Security, a scale-up application security company. Before Contrast, Tim was the Vice President of Corporate Marketing at Fortinet, a multi-billion-dollar, next-generation firewall and cloud security company. Tim holds a Bachelor’s degree in Political Science and Communication Studies from The University of Montana.