Looking for Diverse Cybersecurity Talent? These Visionary Companies and Initiatives Grow Their Own.
Over this past series of articles, we’ve been exploring the current and growing talent deficit in the cybersecurity space as more and more companies compete for the best and brightest.
At the same time, we’ve looked at the unique challenges the industry has faced to become more diverse and inclusive. This second challenge has up until recently exacerbated the first..but our view is that it can, and does, go a long way toward eliminating it, for companies that make a sincere and “all-in” commitment to their own diversity.
Many tech companies are getting the message that a diverse workforce makes good business sense. Some even embrace diversity, equity, and inclusion as simply the right thing to do. But even those companies and “allies” who are making diverse hiring a goal, often bemoan the difficulty in finding qualified women and people from other underrepresented groups for them to recruit.
“The talent’s just not there,” they’ll say.
In a sense, they’re partially right, if “there” only means where they’ve traditionally looked in the past.
Today innovative companies and champions within them, sometimes working alone, sometimes as part of larger organizations or public sector groups have stepped into the gap to create programs to help address the cybersecurity talent shortage in general.
Companies that are smart and innovative about their hiring know that reeling in great diverse talent is both a matter of:
- knowing the right spots to fish in, and
- building opportunities and environments that foster new talent; that is, creating and stocking their own pool.
Fortunately, these efforts are getting noticed and catching on, inspiring more and more companies and innovators to participate.
Below are some companies, not-for-profit organizations, and initiatives we wanted to showcase that are creating great results, benefiting themselves, the talent they nurture, and the Cybersecurity industry as a whole. Some of them are at a very early stage; others are more developed. And this is only a partial list, which is encouraging!
From Talent Search to Talent Development
The CCSF CyberSecurity Apprenticeship Program
Carolyn Shek, Sr. Community Development Specialist at the of Economic & Workforce Development, heads up this program with Dr. Olivia Herriford, Cybersecurity Grant/Program Manager at City College of San Francisco. The program trains diverse talents from the San Francisco Bay Area at City College of San Francisco (CCSF) and places them in apprenticeships at participating cybersecurity companies.
Shek says, “We currently have placed two students with SFO and SentineOne in cybersecurity roles. SentinelOne is very happy with the current apprentice and has requested to bring on an additional apprentice.” And word is spreading. She continues, “We now also have commitments from companies such as Qualys, Palo Alto Networks, Illumio, Exabeam, Idaptive to take on apprentices as well.”
Nonprofit organization brainbabe.org, addresses the Cybersecurity talent shortage with services that promote women to enter the field, services that help humans grow in their field and services that train all genders on the soft skills needed to work happily and productively together. Brainbabe is very focused on dramatically raising these statistics. 11% of cybersecurity jobs are held by women; 53% of women leave the industry in under ten years, and only 6% of Fortune 1000 CEOs are women. Brainbabe believes educational diversity is the key to unlocking an incredible pipeline of interested humans that are curious about a career in cybersecurity. Brainbabe has showcased the power of educational diversity through its one-day conference event called Day of Shecurity which provides hands-on technical workshops and business skill training to attendees free of charge. Brainbabe invites companies to sponsor STEAM students for training (even if they didn’t major in computer science!), highlights the many non-technical jobs in InfoSec, and also encourages companies to take a more active role in training women. Deidre Diamond, Founder, and CEO of CyberSN and brainbabe will be speaking at the RSA Conference on Friday, March 8 regarding retaining and growing cybersecurity talent.
Inteligenca and the 100 Women in 100 Days Program
With cybercrime on the rise, we need an army to fight it — and the greatest potential to fill the talent gap is women, who now (as cited above) only form about 1/10 of the infosec workforce. In talking to women, Inteligenca learned that many wanted the training and accreditation needed to be a cybersecurity professional, but there were just too many barriers to entry: worries about the complexity, the time required, and – the biggest hurdle – the cost of training. So they launched the 100 Women in 100 Days project, with the goal of equipping 100 women for new roles in Cybersecurity — at zero cost to them. The program, whose mission is to inspire, train, certify, mentor, and provide opportunities for those women wanting highly rewarding careers in cybersecurity, now has hundreds of interested women lined up to benefit themselves, and address the talent shortage at the same time. The founder of the initiative, Carmen Marsh, is is a panelist at RSA Conference in the “Solving Our Cybersecurity Talent Shortage” seminar on Monday, March 4th and will be available to answer questions there.
Second Careers: Re-Skilling as a New Source of Talent
The Prelude Institute
It’s not only recent grads who can provide the raw material for fresh, new Cybersecurity talent. Smart professionals who have worked in other industries can transfer and augment their skills for the Cybersecurity space with the right training.
The Prelude Institute assesses, trains and places people who have been left behind by the current labor market into new, middle-skills careers in under one year, for under $10,000. It presents itself as a new form of higher education for today’s workforce to address today’s talent shortages. Prelude sets up its program and its students for success by co-develop the curriculum with employers, ensuring the grads it places are “work-ready” from the start. And Prelude allows students to pay back their tuition once they are earning. Both can afford to be confident, as the starting salary for Cybersecurity Analyst, the lowest level job they place, is $80,000.
SecureSet offers a 20-week immersive Cybersecurity boot camp called SecureSet Academy that also retrains people from other industries for jobs in the Cybersecurity space, allowing them to reinvent their careers and their lives. Their students’ reasons for wanting to transfer to Cybersecurity are as diverse as they are: forced economic factors like redundancies or job phaseouts, transitioning from military to civilian work, unhappiness with current employers, or simply for advancement. SecureSet has campuses in Denver, Colorado Springs, Tampa and Washington DC., with plans to open a campus in Austin, for the education of the next generation of cybersecurity professionals. They also have part-time training programs to allow a smoother transition to a new Cybersecurity career.
Conferences that Develop and Promote Diverse Talent
There’s probably no higher concentration of fresh, diverse talent to be found than at these tech conferences that were created to give these people the training, community, and support they need.
In addition to the aforementioned 100 Women in 100 Days program, there are several conferences dedicated to developing female talent for the tech industry.
LadyCoders is an annual conference in Denver, scheduled this year for April 4-5 2019. This event is led by women for women, to give women and non-binary technologists the mentorship, the validation and the role models that show them how to blaze a path forward in fields that have not always been welcoming. Women will have the opportunity at this year’s conference to continue with coaching, mentorship, and development by partnering with Denver-based companies who provide programs geared at developing mid-career women in tech. LadyCoders founder, Elaine Marino, is a featured speaker at RSA Conference in the “Solving Our Cybersecurity Talent Shortage” seminar on Monday, March 4th.
Women’s Society of Cyberjutsu is a 501c3 dedicated to providing women with hands-on technical training as well as professional support to help them bridge the gender divide in tech. It’s geared toward women beginning their careers as well as those transitioning from other industries. They also have events for girls to introduce them to and prepare them for careers in tech. Their signature annual event is a red carpet awards dinner honors those advancing the cause of women in cyber
GlobalMindED is dedicated to building a diverse talent pipeline and closing the equity gap in tech as well as other sectors. It runs an annual conference — slated this year for June 5-7 in Denver, that brings together educators, policymakers in government and nonprofits, entrepreneurs and business leaders, as well as students, many of them the first in their family to attend college. There they can find mentorship, connections and new understanding to help them see themselves succeeding in their tech careers or their own businesses. GlobalMindED is building a network of inclusive leaders who dedicate time, money and energy to open doors for women, people of color and underrepresented populations. Carol Carter, CEO of GlobalMindED will be one of the participants available to speak with registered attendees at the “Solving Our Cybersecurity Talent Shortage” seminar.
Diana Initiative. This non-profit organization based in Las Vegas conducts an annual conference that kicked off in 2017. It is where women and others can come to support and benefit from the company’s mission: to encourage diversity and support women who want to pursue careers in information security, promote diverse and supportive workplaces, and help change workplace cultures. Talks have covered how to break into and navigate the InfoSec workplace as a woman, dealing with negative workplace incidents, and achieving work-life balance among other topics. Attendees are encouraged to find a mentor at the conference.
Other programs and initiatives aim to connect with the youngest of future cybersecurity professionals through creative means. US Army Cyber Command, under General Paul M. Nakasone, hosts the CyberPatriot Elementary School Cyber Education Initiative for grade school children and The National Youth Cyber Defense Competition program that works with high school teams to teach cybersecurity fundamentals in a hands-on way, making a cyber career path accessible to groups who would have assumed otherwise. Last year, an all-girl team from Highlands Ranch High School in Highlands Ranch, Colorado went all the way to the finals competition in Baltimore, Maryland. They were featured in a program on the Today Show in Fall 2018 – coverage that promotes the program in a way that is already increasing registration beyond the record number of 6,000 teams in 2018.
For those attending the RSA Conference in San Francisco (March 4-8, 2019) be sure to attend the session (Girl) Scouting for Talent: The Solution for the Next Generation with Girl Scouts of the USA CEO, Sylvia Acevedo. Girls Scouts of the USA, in partnership with Palo Alto Networks to learn more about this promising program to provide early childhood cybersecurity education and inspire the next generation of tech leaders.
And while the connection may not be explicit to cybersecurity, Mattel Corporations Dream Gap Project has changed the face (and the revenue stream) of Mattel’s iconic Barbie(R) Doll. Robotics Barbie(R), Barbie(R) dolls representing Katherine Johnson, Frida Kahlo, Amelia Earhart, and others is the way forward to introduce dreams and career aspirations for the youngest of children in daily play.
The Power of Volunteerism
Finally, companies who want to attract and retain diverse cyber talent should consider volunteer programs as part of employee development, according to Kathleen Smith, CMO of ClearedJobs.net and Cybersecjobs.com. “Community volunteering is the backbone of the community,” she explained. “Volunteering provides career development opportunities as well as employee retention and talent acquisition strategies;” Volunteers in the community feel that they are having a positive impact on the community while gaining valuable soft skills such as communication (75%), organization (79%) and teamwork (81%). Many employees (56%) stay with their current employer because of their support for community volunteering. If looking for a new opportunity, professionals want to be sure that community volunteering is a supported benefit. Cybersecjobs.com will soon be releasing a survey about how cyber professionals search for jobs – information that is valuable to both hiring organization and cyber pros.
To Get More, Better, Diverse Talent, Get More Creative
To ensure that our companies’ commitments to diversity amount to more than just a collection of words on a mission statement, an exercise in virtue signaling, or an HR pipe dream, we have to think about recruitment completely differently than we have in the past. We need to fish where the fish are. And we need to do more, both earlier in the process, and later in mid-career, to develop the diverse talent that will be the future of the industry.
This series is the collaborative work of Karen Worstell, CEO of W Risk Group and founder of MOJO Maker for Women in Tech and Elaine Marino, CEO of Equili and founder of LadyCoders. We’re using our combined decades of experience as women leaders in Tech to bring you actionable, executive level strategies that you can use to build, develop, and retain your talent in an intentional way that contributes directly to your bottom line AND advances your company capacity for innovation and increase productivity. That’s what our initiative “Solving the CyberSecurity Talent Crisis” for RSA® Conference 2019 is all about. Follow us online, and let us hear from you! Learn more at www.karenworstell.com/rsac or engage with us on Twitter at @karenworstell.
Find more information about the RSA® Conference 2019 or to share the shorter blog published by RSAC click here