The Cybersecurity Diversity Gap: Advice for Organizations Looking to Thrive

Companies need to fill some of the millions of empty cybersecurity seats with workers who bring different experiences, perspectives, and cultures to the table. Cut a few doors and windows into the security hiring box.

Rita Gurevich, CEO & Founder, SPHERE

June 20, 2022

4 Min Read
Diverse group of people
Source: Derek Meijer via Alamy Stock Photo

In the past year, we've had to grapple with the impact of a quickly growing threat landscape. Debilitating cyberattacks against our critical infrastructure, threats against our already weak supply chains, and the continued ripple effect of the Log4j incident have fueled the need for more intentional investment in security tools and services.

With cybercrime growing, it's no secret that there is a dire need for cybersecurity talent globally, so let's break down what the industry looks like for a moment. For security spots already filled, only 4% are Hispanic, 9% are Black, and 24% identify as women, according to the Aspen Institute. There is a clear picture painted for us: Not only do we need to fill the empty seats, but we need to fill them with workers who are bringing different experiences, perspectives, and cultures to the table.

Unlocking Innovation with Diversity

So, why does this matter? Diversity and inclusion have become notorious for being buzzwords within organizations, with companies increasingly touting their respective campaigns, and programs around diversity efforts.

In every industry — but particularly in an industry like cybersecurity that is changing by the minute — we need the brightest ideas, the most well-rounded teams, and the most creative practitioners. Having diverse thoughts, backgrounds, and experiences leads to better and more informed decision-making. At SPHERE, the diversity of our team has improved our ability to overcome business challenges. Our array of talent has also enhanced our culture, reduced turnover, and led to a greater sense of satisfaction throughout the organization.

Another key reason diversity should be a vital thread in the fabric of your cybersecurity business is that it's exactly what the new wave of job seekers is looking for.

Millennials now make up more than one of every three people employed in the United States. And data shows that this powerful group is no longer satisfied with the way workplace benefits and culture have traditionally been measured. According to Weber Shandwick, 47% of millennials consider diversity and inclusion an important factor in considering a new job, 14% more than Gen-Xers. Cybersecurity organizations and teams are the backbone of our infrastructure and daily activities, and thus should be communicating their values, beliefs, and missions so that they are attracting the most ambitious, creative professionals.

A Tool Set for Progress

We must take this information and run with it, strategizing ways to nurture a healthy pipeline of diverse talent. The first and most important step to doing this is being confident that there is a problem but that your organization is more than capable of solving it. To begin, recognize that there are many technical and nontechnical roles available in security. The points of entry into this industry are vast and go beyond engineering — from governance, risk, compliance, and IT to business development, product marketing, and communications.

Secondly, partner with local colleges and universities, tapping into educational programs outside of engineering or software development, as well. Organizations such as Cyversity, Women in Cybersecurity (WiCyS), and Women in Security and Privacy (WISP) are doing phenomenal work opening the door of opportunity to populations historically locked out.

Last, and in my opinion one of the most important strategies, is to leverage your networks to initiate open conversations about the work you are doing. As a woman founder and CEO of a cybersecurity company, I am committed to using the platform and resources I have to nurture the next generation of diverse cybersecurity professionals.

We can't sit back and watch as the talent and skills gap within our industry widens. At SPHERE, we've set out to empower young women to achieve greatness in the cybersecurity industry. As such, we're launching a program, SP(HER)E, that partners established women leaders with younger women who are new or are looking to break into the industry.

The Way Forward — Perspectives From a Woman Leader

I've faced a fair share of challenges being a woman leader in this space. When I started my business, I was a young woman launching a niche company in a male-dominated industry, and there was doubt around my ability due to inexperience combined with the unfortunate reality that some folks tend to consider women less capable than men. I understand that this is an issue and a gap we can't fill overnight. But we can commit to daily, small steps that will compound into meaningful results in the next few years.

The cybercriminal landscape is only getting more sophisticated, cunning, and large. Hiring diverse talent – and sustaining this progress with investments into professional development and retention – are the first steps toward a well-equipped and thriving cybersecurity team!

About the Author(s)

Rita Gurevich

CEO & Founder, SPHERE

Rita Gurevich is the CEO and founder of SPHERE, leading the strategic growth and vision for the organization.

Rita began her career at Lehman Brothers and helped oversee the distribution of technology assets after their bankruptcy in 2008. From this, Rita gained a deep understanding in analyzing identities, data platforms, and overall application and system landscape that had to be distributed across all the buying entities. At the same time, the enhanced regulatory environment focusing on protecting data from misuse, forced large enterprises to manage and control access more proactively across their on-premises and cloud environments.

With this knowledge, Gurevich founded SPHERE, an identity hygiene organization that provides critical discovery, security and compliance solutions centered around identity security and access control problems that organizations face. The company has developed a repeatable and effective approach to automating the discovery, remediation, and management of access controls across any scope. Rita has overseen the growth of SPHERE into a leading software company providing its clients with the only end-to-end identity hygiene solution available today.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights