The UK Cyber Security Council has launched its Diversity Process Flow paper, identifying overcomplicated language, unclear qualification requirements and a lack of role models from underrepresented backgrounds as key barriers to increasing diversity within the sector.
The paper has been produced following the Council’s Ethnic Minorities in Cyber event in February and wider consultation with its members. It seeks to help raise awareness of the key obstacles to achieving greater diversity across the sector and highlight actions that can be taken to address this.
In a recent survey by the NCSC, 25% of respondents said they had experienced a career barrier related to diversity and inclusion. The same research found only 15% of its respondents were from ethnically diverse backgrounds.
In its EMiC paper, the Council found that widespread use of jargon and unclear and inconsistent professional titles acted as a significant barrier to encouraging more people, including those from ethnic minority backgrounds, into the sector. This is particularly the case for communities where English is an additional language.
The issue is also compounded by complex and unstandardised qualifications, creating a confusing landscape for those unfamiliar with the sector.
The Council believes that this problem is playing into the UK cyber skills gap, with data from the Cyber Security Job Site revealing that four out of ten firms in the cyber sector do not have staff with relevant cyber security qualifications.
To help address these challenges, the Council is introducing a single professional standard for the industry, with three professional titles, Associate, Principal and Chartered, aligned to 16 named specialisms within the sector.
By introducing a universally recognised standard and professional titles, the Council is creating a clearer framework for how people can enter and progress throughout the cyber sector. In aligning these with 16 key specialisms, it also aims to bring greater clarity to the roles available, demystifying the opportunities for currently underrepresented groups.
This is part of the Council’s tools to make the routes into and through cyber accessible, such as the cyber security glossary of key terms used within cyber available on their website.
The paper also highlights the lack of diverse role models as a factor in the sector’s struggle to attract more talent from ethnic minority groups.
To remedy this, the report outlines the important role blind recruitment and inclusive recruitment panels can play in making recruitment processes more accessible for people of colour.
It also highlights that a culture of diversity needs to be developed from within a company and points to the importance of empowering to progress into senior leadership positions.