It is vital that the industry further diversifies and encourages a broad base of talent at all levels. It’s easy to build a team of people that look and feel like you, but if you do, you won’t get a team that’s truly seen and heard. If everyone’s the same, chances are their opinions are the same, and you’ll lose out on the great ideas that diverse perspectives can bring. A lack of ethnic minorities in cyber only compounds the issues of a skills gap of over 14,000 people per year and growing cyber threats mean professionals and businesses alike miss out on key insights, experience, views, and contributions from people of colour and those from ethnic minority backgrounds.
There are massive challenges in talent across every industry, cyber security being just one. It’s vital that the industry further diversifies and encourages a broad base of talent at all levels. It’s really easy to build a team of people that look and feel like you, but if you do, you won’t get a team that’s truly seen and heard. If everyone’s the same, chances are their opinions are the same, and you’ll lose out on the great ideas that diverse perspectives can bring.Martha Lane Fox CBE, Entrepreneur and Crossbench Peer - from 'Decrypting Diversity', NCSC/KPMG UK, July 2020
The cyber security profession in the UK faces specific issues in respect of increasing the pool of cyber security talent.
The UK Cyber Security Council has a specific objective to support and improve diversity in the UK cyber security sector. The Council is committed to overcoming actual or perceived barriers to entry into or progression within the industry.
Browse forthcoming events, and follow the links to find those we'll be at.
It's currently not possible to ascribe definitive values to several key metrics for diversity and inclusivity in the UK cyber security profession. These include:
However, some baseline estimates are available. These include:
This lack of baseline metrics is not a UK-specific problem: nearly every country is as unsighted on this, or worse, than the UK.
In the absence of baseline metrics or the option of directing specific people into the profession, the Council’s policy is that there shall be no barriers either to entry to the profession, or to success within it, for any type of person.
The Council’s target for diversity is that the measured diversity characteristics in the profession should match those in the UK’s working-age population.
In practice, this should mean that:
The UK Cyber Security Council has examined approaches to improving diversity and inclusivity taken by other countries, professions and organisations. Its analysis will help inform much of the Council's work on diversity and inclusivity in the future.
Once the Council is fully operational, the kind of programmes it may support include:
The Council aims to publish specific objectives and plans in due course.
Find the Council's own diversity and inclusion policy here.
The organisations I’ve worked in, including MI5, have been at their best when they’ve shown creativity and the ability to tackle problems from innovative angles. You don’t get that without diversity – in all its forms.Lord Jonathan Evans, former MI5 Director General - from 'Decrypting Diversity', NCSC/KPMG UK, July 2020
Jargon-loaded job descriptions, a labyrinth of qualifications and a lack of role models revealed as among the biggest obstructions to diversity in cyber security
This month is Black History Month, and following on from our Ethnic Minorities in Cyber Symposium, we look at what the cyber security sector needs to do to increase diversity.
The UK’s cyber security skills gap is well publicised – but addressing it remains a key concern for those in the industry and the UK as a whole.