Kacy Beitel tells us about the cybersecurity skills gap and how she managed to break into the world of infosec.
An undeniable and increasing shortage of talent is happening in the cybersecurity industry. The Global Information Security Workforce Study reports that the global gap is projected to reach 1.8m unfilled roles by 2022.
We know this is happening because of a lack of access to cybersecurity education, recruiting requirements for people with certain certifications and specialised technical skills etc.
But what is the industry doing to change that?
Let’s consider one pool of talent ripe for tapping to help stem the tide: women, and specifically millennial women. According to a recent ESG study, none of the female millennials and post-millennials surveyed are currently working in cybersecurity and only 7pc are interested in pursuing this field.
However, affinity is growing among young women for technology in general and this experience can be directly translated to cybersecurity. As evidence, 57pc of the women in the ESG study are more likely to find careers in cybersecurity exciting, compared to 40pc of their male cohorts.
To help other women who are unsure if they have the ‘right’ skills to break into cybersecurity, I want to share some advice through my own personal experience.
You don’t have to have a degree in cybersecurity or an abundance of certifications to land a job in the field. I didn’t. I didn’t follow the route of an early cybersecurity education or certifications.
But, what I did have was a degree in engineering and a deep-rooted background in product management. I was able to apply those experiences and my passion for building software to cybersecurity. Having a technical mindset and willingness to learn in a rapidly evolving industry is most important.
And we need to start thinking of being female as an advantage. Smart companies are looking for diversity of thought and new ways to build and manage software. They know women are high producers, eager learners and strong communicators. It’s in their best interest to seek women with technical skills who can bring diverse experiences to the organisation.
Today, as director of product management at ProtectWise, I drive the execution of ProtectWise’s strategy and roadmap, and helped lead the team that launched the beta of Immersive Security, a radically new way to visualise network security.
ProtectWise took a chance on a woman with no cybersecurity experience because I had a hunger to learn and a reputation for leading high-performing, agile teams. I was able to bridge the gap between a lack of cybersecurity knowledge with my experience working in product management.
Since there is such a shortage of professionals with direct security experience, it’s a win-win for cybersecurity companies to find talent now to start training on the job.
For those interested in pursuing a similar path, don’t hesitate to apply because you may not have specific cybersecurity training. Be confident in your transferable skills, and the best companies will be willing and eager to invest in you.
For those entering the field, there is so much opportunity. Here are four of my key learnings to help you on your way.
Find an innovative organisation
Not every company is interested in change, especially from new employees. However, many organisations thrive on employee-led change and recognise where their best and brightest shine.
The best organisations are those that will let you take your existing knowledge and apply it across teams and the company, and not try to silo you into one specific department.
Explore where in the business you can really make a difference, and do it with confidence. This is the best type of environment to learn and grow.
Find a company that is willing to teach
Look for a company that is willing to teach, train and produce the next generation of cybersecurity leaders. This is especially helpful if you don’t have direct experience.
The best employees are the ones who show passion and a willingness to learn new skills and do what it takes to help the team succeed.
Organisations know that a little investment and training goes a long way with respect to both building internal security acumen as well as ensuring longer retention.
Mentoring is important
Have strong mentors and managers that are willing to share their stories, take the time to mentor the new hires, and learn from their colleagues or direct reports.
When you find a mentor, make sure you showcase your own technology acumen and make this a win-win type of mentorship. For example, if you don’t have direct security experience, your mentor can provide you with this expertise and you can share your knowledge on product, engineering or whatever it is that’s your exact speciality. This underscores your value and gives your colleagues more incentive to invest their time in you.
During my tenure at ProtectWise, I’ve seen new hires without security expertise paired with those with incredible security backgrounds. The duos were able to share their skills, benefiting both and helping the new employees quickly become valuable assets to the company.
Be picky about company culture
During your interview process, assess whether the people you’re meeting are like-minded. You spend a lot of time at work and you want to maximise your time there. Find an organisation with people who are equally motivated and want to further their careers. Make sure you are picky about finding your right slice of culture and leadership that you can look up to.
We have an incredible opportunity to close the talent shortage gap by engaging with young women and tapping into the passion of those already in the technology field.
The industry needs to look beyond the seemingly ‘right and ready’ and towards those with the desire to build innovative products. With this mindset, we can begin to close the gap and ultimately make the cyber world a safer place.
By Kacy Beitel
Kacy Beitel serves as the director of product management at ProtectWise, where she fuels change in cybersecurity product development and growth.