Government Needs to Diversify Its Cyber Workforce

J. Scott Applewhite/AP

And experts told Congress that agencies will need to intentionally expand how and where it looks for talent.

The federal government must immediately work to reverse the under-representation of women and racial and ethnic minorities in its cyber workforce by increasing funding across America’s education system and tapping into more inclusive talent streams, lawmakers and a panel of experts said Tuesday.

“Right now, the vast majority of the cybersecurity workforce is white and male–only 9% are African American, 4% are Hispanic and 11% are women,” Cybersecurity, Infrastructure Protection and Innovation Subcommittee Chairman Cedric Richmond, D-La., said at a hearing on the cyber talent pipeline in Washington. “Now that I have the gavel, I want to use it to drive home an important point: Diversity is essential for national security, and for cybersecurity.”

In his opening statement, Richmond referenced the White House’s recently issued executive order on America’s Cybersecurity Workforce, noting that it was “mostly silent” on diversity.

“Officials reportedly explained that they ‘hoped diversity would be a natural byproduct’ of the order,” Richmond said. “This is exactly the type of thinking we cannot afford to have if we are serious about reversing trends.”

Panelists from across industry and academia offered insights into ensuring equitable representation of women and minorities within the cybersecurity field.

Richard Gallot Jr. serves as president of Grambling State University, a historically black university, that will soon launch Louisiana’s first cybersecurity undergraduate program and America’s 13th. Gallot said establishing partnerships and pushing collaboration between K-12 institutions, community colleges and universities is vital to addressing the issue and increasing access to cyber education particularly for people in rural areas that may have less opportunities.

“Creating that pipeline from high school to either a community or junior college and then into a university is something that has worked well for us,” he said.

Lawmakers and panelists all agreed that the government should reject the prevailing cultural notion that cyber expertise requires a four-year degree and they encouraged feds to increase grants and funding for cyber education not only to four-year universities, but also for certificates, accreditations or other educational programs.

But Gallot said, right now, society still requires the minority students he serves to get a college education.

“For a black student who is going and applying for a job, I think he or she stands a better chance of being seriously considered for that job if they have a degree. That’s part of the reality of the environment that we live in,” Gallot said.

Amelia Estwick, an educator with years of experience working in federal cyber operations and who was the first African-American woman to graduate from the National Security Agency's Computer Network Operations Development Program, said a diverse cyber workforce helps reduce inherent national security blindspots.

“I feel that there’s certainly experience I bring to the table that other people just don’t have,” she said. “Having a multitude of people around you with all those different perspectives, we are able to see different areas of a problem.”

Estwick said the government should waste no time in implementing new mentorship and sponsorship programs for minority students.  

“We talk about diversity a lot in conversation and sometimes it’s frustrating for me because we talk about it so much, but I don’t see it in action,” she said.

Wesley Simpson, chief operating officer for the world’s largest membership association of certified cyber professionals that regularly commissions market research around these issues, (ISC)2, highlighted that unequal pay between genders in the cyber workforce persists as a problem and fewer minorities occupy cyber leadership roles, despite being highly educated.  

“The major opportunities as we see them are a stronger focus on equal pay for women and minorities in cybersecurity, more advancement and leadership opportunities for deserving professionals, formalized mentorship programs to help unearth untapped potential and hidden talents, and more programs that expose young women and minorities to technical skills earlier in their educational lives,” he said.