Rethinking cybersecurity: Creating alternative pathways into the field
Technology innovation continues at pace – infiltrating every facet of daily life. As the digital landscape continues to evolve and grow, new threats emerge, leading demand for cybersecurity professionals to new heights, with the global workforce gap reaching an estimated 3.4 million professionals.
There's a critical need for cybersecurity staff who possess not only technical expertise but also adaptability and problem-solving skills to address these threats and keep pace with constant innovation and change. And while the cybersecurity industry grows, the scarcity of qualified cybersecurity experts in the face of unprecedented demand remains a significant challenge, pushing organisations to go beyond traditional recruitment strategies.
The Traditional Pathways to Cybersecurity
Cybersecurity professionals have historically come from IT backgrounds, and many of these individuals pursued a traditional education path, attending a three- or four-year university and earning their degree in computer science or a related field.
While this pathway has undoubtedly produced many highly skilled cybersecurity experts, it leaves the profession drawing on self-selecting pool of candidates and facing intense competition from other technical disciplines. Relying on this pathway also reduces the cognitive diversity that is essential to solve complex problems in an evolving field. It's clear we must explore alternative pathways and embrace individuals with diverse backgrounds and skills to bolster our cyber defences.
Embracing Alternative Pathways
Recent ISC2 research shows that for new individuals entering the field, non-technical attributes and experience have developed into more critical qualifications for those considering employment. In fact, survey respondents highlighted attributes such as problem-solving skills, critical thinking, effective communication and the ability to work in a team as the most crucial skills for success in the cybersecurity industry.
Furthermore, for those hired without technical skills, findings showed that entry- and junior-level hires were ready to handle technical assignments independently within six months or less. This evidence attests to the effectiveness of training individuals from non-technical backgrounds to undertake technical roles.
Real-world, hands-on experience is also valued highly by most employers, so it is critical that entry-level roles exist to help individuals entering the field to develop the foundational skills needed to progress their careers.
Organisations play a pivotal role in broadening recruitment strategies. Hiring managers must work with HR to ensure alignment on job descriptions, realistic expectations of candidates and a focus on recruiting individuals with the right skillsets – even if that means they are looking for individuals with non-technical attributes.
This shift in embracing individuals from alternative pathways has not only broadened the horizons for aspiring professionals but also removed or reduced many of the obstacles that once limited entry into the field. It's an open invitation to individuals from various backgrounds, experiences and talents who are intellectually curious, and share a common passion for safeguarding the digital world.
Diversifying the Future Cybersecurity Workforce
Understanding the need to help provide individuals from all walks of life the opportunity to pursue a career in cybersecurity, ISC2 has developed programs to broaden the talent pool.
In August 2022, ISC2 launched "One Million Certified in Cybersecurity," in response to the significant cybersecurity workforce gap. This initiative aims to bridge the workforce gap by equipping one million individuals with the foundational skills needed for the industry.
At the centre of this is ISC2’s commitment to offering its entry-level certification and comprehensive training, Certified in Cybersecurity (CC), free of charge for one million individuals. This includes aspiring cybersecurity professionals, career changers and those eager to build foundational knowledge that can enhance their ability in an adjacent field.
Of these one million, ISC2 has pledged to provide 500,000 free exams and training to underrepresented groups, championing diversity, equity, and inclusion (DEI) within cybersecurity. By addressing the workforce gap head-on and empowering individuals from diverse backgrounds, ISC2's "One Million Certified in Cybersecurity" initiative is pivotal in encouraging individuals to enter the profession from diverse pathways.
ISC2 is at the forefront of these efforts, developing offerings to support newcomers' cybersecurity professional development journeys. So, whether you're technical or possess non-technical skills, the world of cybersecurity is ready for you to explore and contribute to its ongoing mission of safeguarding our digital future.
Cyber Security Programme
The Cyber Security Programme provides a channel for our industry to engage with commercial and government partners to support growth in this vital sector, which underpins and enables all organisations. The programme brings together industry and government to overcome the joint challenges the sector faces and to pursue key opportunities to ensure the UK remains a leading cyber nation, including on issues such as the developing threat, bridging the skills gap and secure-by-design.
Join techUK's Cyber Security SME Forum
Our new group will keep techUK members updated on the latest news and views from across the Cyber security landscape. The group will also spotlight events and engagement opportunities for members to get involved in.
Upcoming Cyber Security events
Cyber Security updates
Sign-up to get the latest updates and opportunities from our Cyber Security programme.