One thing that is not talked about enough in cybersecurity is DIVERSITY. Most of you know that the representation of African Americans, Hispanics, and other minority POC in cybersecurity is low compared to the majority, which is White males.
I like to believe that access and exposure are some of the easier factors that lead to an underrepresentation of black and brown people in cybersecurity. In highschool I don't remember anyone pushing us to go into tech related careers. I didn’t find out about cybersecurity until I was 3 years into my undergraduate degree. This may also attribute to me being in the South and not the West Coast or the North East.
Let’s look at the demographics by race of cybersecurity
The following data comes from: https://www.zippia.com/cyber-security-specialist-jobs/demographics/
As you can see from the data above, the representation of African Americans, Hispanics, and Asians is very low. The good thing is that there are so many programs that are geared toward getting those percentages up.
Here are some reasons those numbers may look like that:
Exposure
As I stated earlier, many of us did not have the exposure to cybersecurity as kids or in our adolescence. Which puts us behind our contemporaries that are already knowledgeable about this field and who start interning in this field as early as their freshman years in college. I’m only speaking for myself but I was not privy to cybersecurity certifications nor any of the roles in cybersecurity. Once I started working in IT I could see what type of opportunities potentially were there for me in cybersecurity.
Education
According to the University of San Diego “around 88% of cybersecurity postings specify at least having bachelor's degrees or higher with 3 years of experience.” According to the census bureau there are around 29% of African Americans that have a bachelor’s degree which is less than the national average and doesn’t even include if they have STEM degrees. The number is much lower for the Hispanic population, it comes in around 11%. So if most cybersecurity positions are requiring a bachelor's degree, it puts these communities at a tremendous disadvantage.
Gatekeeping
The Cambridge Dictionary defines gatekeeping as the activity to control who gets particular resources, power, or opportunities , and who does not. Now I don't know who writes the job descriptions for cybersecurity roles, but I view that as one issue that’s gatekeeping in the cybersecurity industry. For example, how is a person who is looking for an entry-level position supposed to have 5 years of experience and a bachelor’s degree? Most of us know that when you reach the 5 year mark, you are actually senior level. These are some things that have gate kept cybersecurity roles from black and brown people.
The Change
Now instead of focusing on the bad, let's talk about the good things that are combating the lack of diversity in cybersecurity. Companies have invested a lot of money into their DEI programs. DEI stands for Diversity, Equity, and Inclusion. These programs' sole purpose is to get underrepresented groups of people into roles at companies. In this case its related to the cybersecurity roles. Along with DEI, we have witnessed companies remove some of their degree requirements, as well as provide apprenticeship programs in order to attract new talent. Then there has been the influx of cybersecurity bootcamps designed to help everyone start their cybersecurity career. I think we are moving in the right direction with diversity in cybersecurity. What do you think? Leave your thoughts down below?