There are talent shortages across the Cyber Security sector, and startups are no exception. On Episode 30 of The Cyber Security Matters Podcast we were joined by Crystal Poenisch, the Director of Product Marketing at Chainguard, to talk about her views on the talent issues facing the sector. Read on to find out what she said.
What do you think companies can do to attract people from diverse and non-traditional backgrounds into the cybersecurity industry?
I think they’re already attracted – I think they’re desperately trying to get in. There are people more qualified than me that can’t get jobs. Companies need to make their company accessible and welcoming to diverse people from different backgrounds. I couldn’t be a director at a public company, they had to give me a ‘head of’ title because I didn’t have a master’s degree or an MBA. That was just five years ago. There are people who are attracted to the industry, so it’s about recognising the ones we can bring in and train up and not looking at it like we’re training them from the ground up. People from non-traditional and diverse backgrounds are often the fastest learners and the most agile and innovative people I’ve ever employed.
How have you seen diversity kind of change in the industry since you joined?
It hasn’t changed as much as I’d like. I wish it would change more. I think one big thing that is really heartening for me is that there are male allies and allies across the board for people from all backgrounds, not just women. There is a lot more blatant support for these things and a greater recognition of the need for diversity. We need to hire more people, so more people are coming in and it is more welcoming. I see that the women who have come after me have had a much easier time, and it’s a lot easier to join now as someone from a non-traditional background.
You mentioned that bringing in people from a wide range of backgrounds benefits growth. Could you explain that a bit more?
When building a startup, you need people with skin in the game who want to win as much as you do. People who have not been given a shot are gonna be pretty hungry to win, and I think that was our competitive advantage at Okta. We intentionally hired people from non-traditional backgrounds all over the world, and we adopted an international, remote-first style of work, even before COVID.
We said, ‘Let’s get people from all different backgrounds who align with our values, and hire team players who are resilient, who want you to win, and who aren’t just in it for the paycheck. We’re looking for the people who are genuinely trying to change their lives, and get into cybersecurity to make their life better for their family.’ Those people are deeply invested in your success and are going to help you grow in ways you may not even imagine. They have so much to offer from different backgrounds, and that will come in handy when you really need utility players who are passionate about your company.
What are the key talent topics that need addressing the most at the moment?
I can only speak for what I see in startups, but I think the Cyber Security industry faces a massive talent shortage. There are stats out there saying that there are a million jobs that we need to fill that we’re not filling. There’s a lot of people saying we could just automate those roles, we don’t need to increase diversity, equity and inclusion in the talent base, or that we could figure out a technical solution. I don’t want to say that’s naive, but we need to think bigger than that.
Some leaders do this well, but I think we don’t hire for things like grit, resilience or people who have something different to bring to the table. When you have people always solving the same problems the same way from the same backgrounds, you become worse problem solvers. We need to adopt the mindset that we have done a less than sufficient job securing our critical infrastructure for the last however many years because no one has paid attention to the industry as a whole. It hasn’t been regulated, and diversity has not existed in Cyber Security. We’re seeing a lot of holes, and we’re seeing the pitfalls of that.
There are a lot of problems we cannot solve in this industry right now because we don’t have enough innovative people involved. I speak from a Western and American perspective, but our biggest challenge is finding talented people. We need to learn to recognise talent in a more broad and cross-functional way because different people bring a lot to the table. If they haven’t been working in cybersecurity for 20 years, that might actually be a benefit. We need to learn to recognise different skill sets that maybe we haven’t had traditionally.
To hear more from Crystal, tune in to Episode 30 of The Cyber Security Matters Podcast here.
We sit down regularly with some of the biggest names in our industry, we dedicate our podcast to the stories of leaders in the technologies industries that bring us closer together. Follow the link here to see some of our latest episodes and don’t forget to subscribe.
