Skip to main content

Secure Your Digital Future

Learning Objectives

After completing this unit, you’ll be able to:

  • Explain the importance of developing a diverse cybersecurity team.
  • Describe attributes of the future cybersecurity talent pool.

Diversity as a Defensive Strategy

A secure digital future requires a broader and deeper cyber talent pool to bring new perspectives and approaches to cybersecurity and defense. As cyberthreats evolve and expand, the talent pool that engages with these threats must also evolve. 

While multiple studies provide evidence that diversity is an advantage that should be sought after, encouraged and exploited, it is often overlooked. New cybersecurity professionals usually follow traditional protocols when engaging in new roles, rather than taking full advantage of their unique backgrounds and experiences. 

For example those in cybersecurity roles may have a background in psychology or sociology that can be effectively used to analyze people’s behaviors and identify potential threats. Or they may have experience working in other industries that could contribute valuable insights into how other businesses handle cybercrime prevention. These seemingly unrelated skills and experience are valuable assets in this field and should be leveraged whenever possible. 

To close the skills gap in cybersecurity, organizations must recognize the importance of diversity in building a strong cybersecurity workforce. This means moving beyond traditional hiring practices that may exclude qualified candidates from diverse backgrounds due to rigid requirements like specific educational backgrounds, years of experience, or mandatory training. Instead, organizations can take a more flexible approach to hiring that prioritizes candidates with a broad range of skills, experiences, and backgrounds. This can help to increase the diversity of the candidate pool and allow organizations to tap into a wider range of skills and perspectives.

The Future Cyber Talent Pool

“People think that cybersecurity is something that’s highly technical. Yes, some roles require deep technical expertise, but cybersecurity is a vast domain and making an organization cyber resilient also requires generalist roles that need a broader skill set, from education and awareness to policy writing, governance, and others. We need more people in both the technical and generalist roles.” —Bobby Ford, Senior Vice-President and Chief Security Officer, Hewlett Packard Enterprise

Collectively, cybercriminals are organized, motivated, and have an extensive array of skills. Despite their one-track mind, attackers are often part of a complex web of accomplished hackers, as evidenced by the 1,000 engineers involved in the December 2020 SolarWinds attack. 

As these adversaries come from diverse backgrounds, skill sets and work in a borderless environment, only a cybersecurity team that is equally diverse can leverage innovative thinking to counter their hostile but innovative activities. 

Cybersecurity professionals in the future cyber talent pool are diverse, multidisciplinary and reflect the complex and evolving nature of global cybersecurity challenges. Specifically, they possess:

  • Technical skills: Strong foundations in network security, cloud security, data analytics, threat intelligence, secure coding, incident response, and so on.
  • Business skills: Strong soft skills including communication, ethical decision-making, collaboration, problem-solving, critical thinking, evaluative thinking, customer service, negotiation, and so forth.
  • Diverse demographics: More diverse and with a greater representation of women, people of color, people with no formal education, and individuals from underrepresented groups.
  • Multidisciplinary backgrounds: Come from a range of educational and professional backgrounds, including computer science, biology, engineering, mathematics, psychology, social science, education, and law.
  • Transferable skills: Apply nontraditional technical and soft skills, and abilities to cybersecurity roles.
  • Curiosity: Committed to lifelong learning, continually asking questions, updating their skills and knowledge to stay current with the latest threats and technologies.
  • Adaptability: Able to adjust to new and unexpected situations, respond to changing circumstances and learn and apply new skills and knowledge quickly.

The potential pool of cybersecurity talent is already diverse, it’s the mechanisms and processes used to access that talent that are flawed and biased, resulting in a lack of diversity. 

A diverse cybersecurity team can be compared to the idea of defense in-depth—a security strategy that involves implementing multiple layers of security controls to protect against a range of threats. Similarly, a diverse cybersecurity team is composed of individuals with distinct backgrounds, experiences, and perspectives, each contributing various skills and expertise. This diversity creates a “layered” defense that can help protect against a wide range of threats and vulnerabilities and quickly mobilize to assess, identify, counter, and recover from an attack. 

A diverse cyber team with specialized skills standing in layered circles titled Critical Thinking, Investigate Threats, Problem Solving, Protect and Defend, and Business Fundamentals representing comprehensive coverage during cyber events and incidents.

For example, a cyber team receives an alert about a possible data breach. Business experts assess the impact on the organization and work with legal and compliance teams. Protect and defense specialists secure systems and networks to prevent further loss. Skilled problem solvers identify the cause of the breach and recommended solutions. Threat investigators work with law enforcement to recover stolen data, report the attack, and track the attackers. Critical thinkers develop a plan to better protect the organization from future attacks, including employee training and regular assessments.

Overall, organizations should evaluate their talent acquisition processes and practices to ensure that they are creating a fair and equitable environment for all employees. By doing so, they can attract and retain top talent from all backgrounds, which will ultimately lead to a stronger, more robust and effective security posture.

It’s our collective differences that make us smarter and more effective. Diversity is a powerful tool for developing solutions. Organizations that prioritize diversity are likely to be better equipped to address the emerging challenges and opportunities of the future.

Sum It Up

In this module, you’ve been introduced to the emerging future of cybersecurity. You’ve learned about the importance of effective communication, managing regulatory risk, and diversity in the cybersecurity talent pool. 

Interested in learning more about cybersecurity roles and hearing from security professionals? Check out the Cybersecurity Career Path on Trailhead.

Resources

Compartilhe seu feedback do Trailhead usando a Ajuda do Salesforce.

Queremos saber sobre sua experiência com o Trailhead. Agora você pode acessar o novo formulário de feedback, a qualquer momento, no site Ajuda do Salesforce.

Saiba mais Continue compartilhando feedback