Security Staff Acquisition & Development

Embrace Diversity to Solve Cybersecurity Talent Crisis


Companies’ information security teams are under more demand than ever and, worse, they need to staff a host of new roles to cope with that demand. However, one cause of this staff shortage doesn’t come from a lack of skilled talent available but from the fact that information security managers tend to hire from homogeneous talent pools, typically rewarding narrow sets of highly technical skills.

Information security teams will benefit greatly from seeking out a more a more versatile range of backgrounds, experiences, and perspectives. They should start with underrepresented groups — such as women, LGBTQ groups, and racial and religious minorities — who make up only about a tenth of the information security workforce today.

Three steps will help.

1. Design inclusive job advertisements: Job advertisements are often created with unconscious bias, making job opportunities far less attractive to underrepresented groups.

Information security teams can create more inclusive job advertisements by focusing on the use of collaborative language and inclusive pronouns, using visuals that depict diverse groups of people, and advertising female-focused benefits, such as flexible working hours, remote work, and parental leave.

2. Change recruitment processes: Often recruitment in Information Security relies on ad hoc, word-of-mouth recruiting through methods such as employee referrals. These approaches tend to create an unintentional bias against candidates who are not already well represented in IT. To counteract this, information security managers should communicate openings more broadly both internally and externally. Example approaches include:

  • Advertising new openings through the company’s intranet.
  • Posting openings to college job boards outside of the company’s typical recruiting network.

3. Stop looking for perfection and focus on core skills: Information security managers have a tendency to create job advertisements with “laundry lists” of qualifications, which greatly decrease the size of the applicant pool.

Instead of looking for the perfect candidate, managers can increase diversity by focusing on the core skills necessary for the job and looking for candidates from non-traditional backgrounds.

Jeremy Bergsman is a practice leader at CEB, now Gartner. Read more blogs from the firm here.

Sponsored by CEB, now Gartner

Leaders at more than 10,000 organizations worldwide rely on CEB services to harness their untapped potential and grow. Now offered by Gartner, CEB best practices and technology solutions equip customers with the intelligence to effectively manage talent, customers, and operations. More at