Embed Size (px)
Citation preview
Diversity in Tech: Increasing the Cybersecurity Workforce Pipeline
April 22, 2015
‹#›
What is Diversity?
Also: Gender Sexual Orientation Ethnicity Religion Disability
Diversity is the state of having people who are different races or who have different cultures in a group or organization (per Merriam-Webster)
‹#›
The Playing Field
‹#›
Critical Industry
Defending infrastructure, intellectual property, financial data, and personal safety is of paramount importance. Cyber actors are becoming increasingly more sophisticated. Cyber threats continue to grow across a wide variety of platforms. The Internet of Things increases everyone’s attack surface.
‹#›
Cyber Attack Map
‹#›
2014 Breach Statistics
‹#›
Breach Statistics
Infographic from SafeNet
‹#›
Cyber Attacks in the News
‹#›
High Demand
Demand for cybersecurity workers has grown exponentially in the last five years – 3.5 times faster than computer jobs and 12 times faster than the labor market overall. The demand is spread over all sectors and industries, private and public. We cannot fill all the open slots without expanding the pipeline and tapping into a more diverse group of workers.
‹#›
Low Supply
Everyone is competing to hire workers from the same small pool of talent. Qualified but perhaps non-traditional workers are being overlooked. Hiring managers tend to hire those similar to them - an issue of gender, race, sexual orientation and associated inherent biases - this is not scalable. Cybersecurity is not being introduced to our youth.
‹#›
Public Sector
Bloomberg Businessweek, April 15, 2014
“The Pentagon plans to triple its cybersecurity staff by 2016, U.S. Secretary of Defense Chuck Hagel announced recently.”
‹#›
Every institution that uses computers must safeguard itself from cyber attack, as evidenced by the increasingly more frequent reports of cybersecurity breaches
Apple JP Morgan Home Depot Target
Private Sector
‹#›
Job Openings
Over 15,000 jobs!
In Australia:
‹#›
The Pipeline
‹#›
Statistics - Gender
Women represent over 50% of the U.S. population but only hold about 20% of tech positions. In cybersecurity that figure drops to around 11%. In Australia, tech company Envato is the first to release statistics, 93% of their tech jobs are held by men. Only 5% of tech start-ups are owned by women.
‹#›
Statistics - Gender
Women earn 60% of all bachelor’s degrees in the U.S., but less than 20% of computer science degrees go to women. Girls represent 56% of Advanced Placement test-takers but only 19% take the computer science AP.
‹#›
Statistics - Gender
2014 statistics from AACC
PROGRAM % MALE % FEMALE
Info Assurance 77% 23%
Cyber Forensics 66% 34%
Network Mgmt 82% 18%
Programming 71% 29%
All Programs 39% 61%
‹#›
Statistics - Race
In a study of seven major tech companies, blacks represented 1.8% of staff and Hispanics 3.2%. An Australian study by Balance Recruitment of the IT and Finance industries showed 72% believe racism exists in their industry, and a further 30% have experienced racism first hand in their workplace. Only 1% of venture-backed Silicon Valley startups have black or Hispanic founders.
‹#›
Statistics - Gender & Race
Statistics provided by top tech companies in 2014
COMPANY % MALE % WHITE
Facebook 85% 53%
Google 83% 60%
LinkedIn 83% 30% (60% Asian)
Twitter 90% 58%
‹#›
Statistics - Sexual Orientation
Up to 43% of gay and transgender workers have experienced some form of discrimination on the job. 17% of gay and transgender workers report being passed over for a job or fired because of their sexual orientation or gender identity. 28% received a negative performance evaluation or were passed over for a promotion because they were gay or transgender. As many as 41% of gay and transgender workers were verbally or physically abused or had their workplace vandalized.
‹#›
Barriers to Entry
‹#›
Stereotypes
‹#›
Negative Perceptions
A study conducted by Girl’s Inc. found that 44% of girls and 38% of boys agreed with the statement “the smartest girls in my school are not popular.”
‹#›
Negative Reinforcement
‹#›
Unrealistic Job Postings
Many cybersecurity job postings demand 5-7 years of experience, degrees, and a extremely broad set of technical skills, and often a hard sciences background.
‹#›
Objectification
‹#›
Exclusivity
Can be overtly misogynistic, patronizing and dismissive. Can be unintentionally alienating to women and minorities. Occurs in both industry and academia.
‹#›
Inherent Bias
A Kirwin Institute report noted that this bias is very apparent in employment since people tend to hire those who are like themselves. Studies have been done that show that response to
resumes varies if the gender or race is obvious.
‹#›
Lack of Understanding
People don’t understand the broad range of jobs that fall under the category of cybersecurity, and the expansive range of necessary KSA’s
Pentester Compliance Auditor Forensic Examiner Support Technician Cyber Analyst
‹#›30
‹#›
Solutions
‹#›
Be a Leader
Take a top-down approach to effecting change. Create a inclusive atmosphere in your workplace. Talk to people in your organization about what’s working and what’s not. Lead by example.
‹#›
Relevant Change
“It’s not enough to just hire some female engineers, guys - it also helps to build an office culture that doesn’t scorn them.”
- from FastCompany
‹#›
Be a Team Builder
Multiple points of view create a more holistic understanding of any issue, process or product. A diverse team can meet the needs of a wider variety of users/customers. According to a Gallup poll, gender-diverse business units have a 14-19% higher average quarterly profit.
‹#›
Be Creative in Hiring
How many cybersecurity jobs do you need to fill and how long are those positions remaining unfilled? Are you trying to pick from the same old talent pool or are you thinking of creative ways to bring in fresh talent? Do you reach out to non-traditional sources of talent? Do you offer internships? Are your job postings geared towards the “purple squirrel” or based on something more realistic, such as the NICE framework? Are you partnering with academia, non-profits, government to address the pipeline issues?
‹#›
Be a Role Model
Get involved with organizations that are making a difference as a volunteer, partner or sponsor. Share your skills, knowledge and experience (mentor).
‹#›
Collaboration vs. Competition
"Remember to try to find opportunities to bring other women in - to throw the rope down. It's a dangerous thing to think: 'I'm the woman in this room, so that's my role.' I try to tell young women - don't be tricked into thinking you're in the field to compete with other women."
- Tina Fey
