itag news

Panel-YouTube
November 9, 2021

Diversity in Cyber Security

DIVERSITY IN CYBER SECURITY

As part of the recent Cyber Security Summit organised by itag and Cyber Ireland, a fascinating panel discussion was held on ‘Diversity in Cyber Security’.

We were privileged to have three top class speakers participate, all of whom were able to share differing levels of insight on this important topic which has not always received the attention it demands. The panellists were:

Blessing Usoro of JP Morgan Chase & Co, who is also the Co-Founder of Cyber for SchoolGirls, a non profit organisation which aims to bridge the gender gap between women and men in the cyber security sector. She is also the Co-Founder of Cyber Women Ireland, which aims to support women in the industry.

Donna O’Shea of Munster Technological University holds the position of Chair of Cybersecurity and is co-Principal Investigator at the Science Foundation Ireland (SFI) research centre CONFIRM and Funded Investigator at the SFI research centre CONNECT and ENABLE.

Rebecca Springett of TitanHQ is at the early end of the career spectrum, having recently graduated from National University of Ireland, Maynooth with a double major qualification in computer science and media studies, before joining TitanHQ as a Technical Support Engineer.

The discussion was expertly hosted by Brian Honan of BH Consulting.

The first issue covered was how to encourage more people from diverse backgrounds into the cyber security sector and what are the barriers currently stopping this from happening.

Blessing Usoro highlighted that there are issues around the current ethos in the industry and securing the necessary qualifications. She spoke of the ‘macho culture’ than can exist and the different implications of that culture. As an example she described how she was micro managed at times when her male colleagues weren’t. That type of environment brings doubt to people and leads to people questioning whether they should be working in that field.

She also spoke about the undue emphasis that has been placed on certain types of qualifications, yet there are so many aspects of cyber security that should be open to people who don’t have an engineering degree. This can act as another barrier as some people from underrepresented backgrounds don’t have the finances to go through specific academic processes or to secure the necessary certifications.

Building on those comments, Rebecca Springett also spoke about how the lack of encouragement from a young age is another huge barrier and how there is a different level of encouragement provided to men and women. Girls in school aren’t being encouraged to consider cyber security as a viable option for further study and that has a knock on impact on the number of women who are choosing to pursue this avenue as a potential career. She said we need to do more to encourage young women to look at this industry and to research what they want to do in their professional lives. As there is little support in the education sector she said this was why organisations like Blessing’s Cyber for SchoolGirls are so important.

Donna O’Shea spoke about the fantastic opportunities offered in the cyber security sector and how she has never been without a job or without an opportunity during her time working in the sector. She also outlined the potential that exists for companies who embrace diversity and how it has been proven that this can bring commercial advantages. She believes the industry needs to be reflective of our society and that industry leaders have a moral duty to help achieve this.

She also spoke about the significant cyber security skills gap that exists in Ireland and how businesses can’t wait 10 years for students to come through when they need qualified personnel right away. She said companies are making decisions now and if the skills aren’t in Ireland they will go elsewhere.

Another topic she touched on was the need for more innovation in how we teach cyber security. She highlighted how most universities in Ireland don’t teach cyber security as part of their undergraduate degree programmes and that is a major problem. It is leading to people having to source the relevant additional certifications, which are a barrier to entry to the sector, but it is a barrier that wouldn’t exist if we were teaching the topic.

In terms of how these barriers are addressed, Blessing Usoro mentioned that people from diverse backgrounds are more likely to want to work with a company if they can see more people that look like them. Employees from diverse backgrounds can become champions for their companies and that entices more people from those communities to consider that particular employer.

This issue was also addressed by Donna O’Shea, who highlighted the need for more inclusion in the workplace. If employers want more diversity then they need to address the inclusion aspect first. That means providing genuine paths for progression for women and people from diverse backgrounds.  She mentioned it was notable that there are less women and people from diverse backgrounds in leadership positions, that women earn less money than their male counterparts and there are not mechanisms for engaging with HR to address many of these issues. All of those problems will need to be fixed.

Blessing Usoro also highlighted that the stereotypical image of a hacker is of a man in a black hoodie, but there is no reason why a hacker can’t be a woman or a trans person.  This is reflective of the culture within the sector and it if that is to be tackled then men will need to make active decisions to be allies. That will involve making sure that minorities in your group get treated with respect and that the work they do is commended. It is also vital that management sees and treats everyone as equal.

She also spoke about the importance of the Government recognising the lack of diversity as a problem, because that is where support will come from.

Another key issue highlighted by Donna O’Shea was the bridge between the industries. There are currently 56 courses available nationally in cyber security. 15 of them are free and can be secured through the ICT skills Skillnet initiative, covering every academic level and they are available in all regions of Ireland. The reason people aren’t taking these courses is because the bridges don’t exist and that is something that will have to be amended. The sector needs to look at what the barriers are for diverse communities, to understand them and resolve them.

Rebecca Springett also had some advice for those who are considering working in the sector. Companies will always find it very difficult to turn away anyone who has the right work ethic. Anyone who wants to thrive in the industry should try to bring three things – a strong work ethic, research and self motivation.

Her remarks were echoed by Blessing Usoro who said anyone who enters the industry needs to have a ‘willingness to learn’ mindset and that the industry will embrace anyone who possesses that quality.