5 minute read
FROM DIFFERENT PERSPECTIVES TO BETTER PROTECTION: HOW DIVERSITY IMPROVES CYBERSECURITY
by Sasenka Abeysooriya , Program Director & Senior Strategic Adviser at The University of Queensland, and Merrell Milano , Deputy Vice-President, Advancement Services at The University of Queensland
Rapidly advancing technology and evolving cybersecurity threats require cybersecurity professionals to continually think differently to protect against potential breaches and attacks. The complex and sophisticated nature of these threats requires cybersecurity experts to stay informed and prepared to face the challenges of today and the future.
Dr Ivano Bongiovanni from the University of Queensland led a study on the barriers that women face in cybersecurity. It found: “…given the growing complexity associated with cyber threats and the multiplicity of skills required to address them, the demand for cybersecurity professionals continues to increase rapidly.”
In other words, the supply of qualified talent simply cannot keep up with demand, leading to a significant skills gap in the industry and increasing the vulnerability of organisations already at risk. To address this challenge, Dr Bongiovanni and his colleagues urge organisations to invest in innovative approaches to education and training, as well as in initiatives to promote diversity and inclusivity in the cybersecurity workforce.
A focus on expanding existing staff perspectives through professional development initiatives—such as upskilling current employees, investing in education and training programs, and leveraging emerging technologies—can help alleviate the cybersecurity talent shortage. However, to meaningfully and strategically foster innovation in cybersecurity, organisations must recognise the value a pool of skilled and diverse professionals can bring, and must focus on attracting and retaining such people.
True transformation often arises from creative problem-solving and resourcefulness, and a diverse team will bring a wider range of ideas and solutions to combating the growing sophistication and creativity of future cybersecurity challenges. To achieve this transformation, organisations must create an environment that encourages and embraces people with diverse backgrounds, experiences and perspectives.
Diversity
In talent acquisition, diversity is achieved by actively seeking out and recruiting candidates with a wide range of backgrounds, experiences and perspectives. They could be diverse in ethnicity, gender, sexual orientation, age, socioeconomic status or other attributes. By seeking out a pool of diverse candidates, organisations can tap into a broader range of skills and experiences and infuse standard positions and responsibilities with new, unique perspectives. Such a workforce is likely to produce solutions more innovative than those from a homogeneous team.
Initiatives to foster diversity in cybersecurity include a shift in conventional recruitment strategies and going beyond the usual channels to seek talent in unexpected places. It is important to acknowledge what people have overcome in their lives rather than focusing on their qualifications and recent experience. By recognising, valuing and celebrating the achievements of individuals who have overcome obstacles and have demonstrated resilience and problem-solving skills, organisations can create a workplace culture that values and acknowledges the strengths of all team members.
Inclusion
When the cybersecurity community is more inclusive it has a better chance of identifying and addressing the many and diverse threats and vulnerabilities it faces. An inclusive environment is crucial to ensuring all team members can contribute to their full potential. This requires the leadership to remove participation barriers and promote a thriving environment where team members can share their challenges and experiences without fear of judgment or reprisal. Leaders must identify and address participation barriers to create an environment in which all can contribute and grow.
Infusing planning and strategy with different perspectives and open ideas can help establish a more inclusive team environment. When leaders intentionally seek out diverse perspectives they can identify and address potential blind spots and generate innovative solutions to complex problems. In doing so, they create opportunities for team members to learn from each other and grow together.
Leadership that recognises and celebrates both personal and professional achievement will contribute to an inclusive team culture. Acknowledging and appreciating the unique challenges colleagues may have faced, and celebrating their achievements will establish an environment that values and recognises the strengths and experiences of all team members.
Core Traits Needed For Success
If recruitment processes are to achieve diversity and inclusion they must select candidates based on essential core traits: professionals able to continually adapt and show traits for success such as problemsolving ability, critical thinking and soft skills.
Problem-solving ability is one of the most crucial traits for cybersecurity professionals. Cyber threats are continually evolving and becoming more sophisticated, requiring cybersecurity professionals to think outside the box and solve complex problems creatively. Individuals must be able to quickly identify and address security vulnerabilities and incidents and adapt to rapidly evolving situations and contexts while proactively developing new strategies to prevent future attacks.
Critical thinking is essential for success in cybersecurity. Cybersecurity professionals must analyse data and recognise patterns to identify security risks, evaluate the effectiveness of different security measures and develop responses that are effective and efficient. Additionally, they must be able to evaluate new and existing technologies and products to determine whether they are secure and compatible with existing systems.
Soft skills are essential for success in cybersecurity, albeit currently under-valued. Effective communication skills, including active listening and clear expression of ideas, are critical to ensuring cybersecurity professionals work collaboratively with their teams and effectively communicate with stakeholders. Soft skills become increasingly critical during incident response, particularly in managing dynamic stakeholder relations and ensuring clear communication on actions and timelines. A lack of clarity and team cohesion can jeopardise security in a high-risk environment.
It is vital to select candidates based on these essential core traits if a strong and effective cybersecurity team is to be built. By prioritising these core traits in recruitment, organisations will build a diverse and innovative workforce capable of handling the ever-evolving cybersecurity landscape.
Conclusion
Fostering innovation in cybersecurity requires a concerted effort to create a diverse and inclusive team environment. By recruiting from a wide range of backgrounds and providing an inclusive workplace culture, organisations will tap into the wellspring of creativity and innovation that comes with diversity. By embracing new and varied perspectives and experiences, organisations will create a more innovative and effective workforce that is better positioned to rise to the challenges of the digital age.
About Sasenka Abeysooriya
Sasenka Abeysooriya is an accomplished and dynamic strategist, innovative thinker and strong communicator with over a decade of experience in IT. He is Program Director for The Queensland Commitment at The University of Queensland and is well-versed in a diverse range of activities, including strategy, enterprise architecture, program management, data governance, security and risk transformation. His extensive career has spanned a variety of industries including ICT, healthcare, travel, marketing, advertising, government, higher education and not-for-profit. Sasenka holds degrees in IT and International Relations.
www.linkedin.com/in/sasenkaabeysooriya
About Merrell Milano
Merrell Milano is an accomplished executive with extensive experience in advancing fundraising and engagement programs. She is Deputy Vice-President, Advancement Services at The University of Queensland where she oversees a portfolio of information management, insights and operations teams. Her expertise spans a range that includes business analysis, process development, change management and project management, as well as aligning technology and tools with the unique needs and best practices of institutions.. Prior to joining The University of Queensland, Merrell spent a decade as an Associate Vice President at US-based fundraising consulting and services company BWF where she specialised in fundraising operations and systems, helping universities, colleges, healthcare organisations and other non-profits design and implement data-driven operations and effective technology tools to achieve fundraising success. Merrell is a graduate of New York University with a Bachelor of Arts degree.
