12 Oct 2023
by Ed Parsons

Rethinking cybersecurity: Creating alternative pathways into the field

Guest blog by Ed Parsons, CISSP, UK and Europe Director at ISC2 #techUKCyber2023

Technology innovation continues at pace – infiltrating every facet of daily life. As the digital landscape continues to evolve and grow, new threats emerge, leading demand for cybersecurity professionals to new heights, with the global workforce gap reaching an estimated 3.4 million professionals.  

There's a critical need for cybersecurity staff who possess not only technical expertise but also adaptability and problem-solving skills to address these threats and keep pace with constant innovation and change. And while the cybersecurity industry grows, the scarcity of qualified cybersecurity experts in the face of unprecedented demand remains a significant challenge, pushing organisations to go beyond traditional recruitment strategies.

The Traditional Pathways to Cybersecurity

Cybersecurity professionals have historically come from IT backgrounds, and many of these individuals pursued a traditional education path, attending a three- or four-year university and earning their degree in computer science or a related field.

While this pathway has undoubtedly produced many highly skilled cybersecurity experts, it leaves the profession drawing on self-selecting pool of candidates and facing intense competition from other technical disciplines. Relying on this pathway also reduces the cognitive diversity that is essential to solve complex problems in an evolving field. It's clear we must explore alternative pathways and embrace individuals with diverse backgrounds and skills to bolster our cyber defences.

Embracing Alternative Pathways

Recent ISC2 research shows that for new individuals entering the field, non-technical attributes and experience have developed into more critical qualifications for those considering employment. In fact, survey respondents highlighted attributes such as problem-solving skills, critical thinking, effective communication and the ability to work in a team as the most crucial skills for success in the cybersecurity industry. 

Furthermore, for those hired without technical skills, findings showed that entry- and junior-level hires were ready to handle technical assignments independently within six months or less. This evidence attests to the effectiveness of training individuals from non-technical backgrounds to undertake technical roles.

Real-world, hands-on experience is also valued highly by most employers, so it is critical that entry-level roles exist to help individuals entering the field to develop the foundational skills needed to progress their careers.

Organisations play a pivotal role in broadening recruitment strategies. Hiring managers must work with HR to ensure alignment on job descriptions, realistic expectations of candidates and a focus on recruiting individuals with the right skillsets – even if that means they are looking for individuals with non-technical attributes.

This shift in embracing individuals from alternative pathways has not only broadened the horizons for aspiring professionals but also removed or reduced many of the obstacles that once limited entry into the field. It's an open invitation to individuals from various backgrounds, experiences and talents who are intellectually curious, and share a common passion for safeguarding the digital world.

Diversifying the Future Cybersecurity Workforce

Understanding the need to help provide individuals from all walks of life the opportunity to pursue a career in cybersecurity, ISC2 has developed programs to broaden the talent pool.

In August 2022, ISC2 launched "One Million Certified in Cybersecurity," in response to the significant cybersecurity workforce gap. This initiative aims to bridge the workforce gap by equipping one million individuals with the foundational skills needed for the industry.

At the centre of this is ISC2’s commitment to offering its entry-level certification and comprehensive training, Certified in Cybersecurity (CC), free of charge for one million individuals. This includes aspiring cybersecurity professionals, career changers and those eager to build foundational knowledge that can enhance their ability in an adjacent field.

Of these one million, ISC2 has pledged to provide 500,000 free exams and training to underrepresented groups, championing diversity, equity, and inclusion (DEI) within cybersecurity. By addressing the workforce gap head-on and empowering individuals from diverse backgrounds, ISC2's "One Million Certified in Cybersecurity" initiative is pivotal in encouraging individuals to enter the profession from diverse pathways.

ISC2 is at the forefront of these efforts, developing offerings to support newcomers' cybersecurity professional development journeys. So, whether you're technical or possess non-technical skills, the world of cybersecurity is ready for you to explore and contribute to its ongoing mission of safeguarding our digital future.

techUK’s Cyber Security Week 2023 #techUKCyber2023

The Cyber Programme team are delighted to be hosting our annual Cyber Security Week between 9-13 October.

Click here to read all the insights

Join us for these events!

11 October 2023

Cyber Innovation Den 2023

Central London Conference

Cyber Security Programme

The Cyber Security Programme provides a channel for our industry to engage with commercial and government partners to support growth in this vital sector, which underpins and enables all organisations. The programme brings together industry and government to overcome the joint challenges the sector faces and to pursue key opportunities to ensure the UK remains a leading cyber nation, including on issues such as the developing threat, bridging the skills gap and secure-by-design.

Learn more

Join techUK's Cyber Security SME Forum

Our new group will keep techUK members updated on the latest news and views from across the Cyber security landscape. The group will also spotlight events and engagement opportunities for members to get involved in.

Join here

Upcoming Cyber Security events

Cyber Security updates

Sign-up to get the latest updates and opportunities from our Cyber Security programme.





Related topics


Ed Parsons

Ed Parsons

CISSP, UK and Europe Director, ISC2