Closing cybersecurity's race gap

Uncle Sam faces a longstanding, cybersecurity workforce shortage. Minorities are underrepresented in the field.

Can fixing one problem help solve the other?

In an afternoon-long spate of speeches and panels on Capitol Hill Oct. 7, experts of both genders and many races, from the private sector and government alike, grappled with those issues.

A measurable gap

"[T]his is the most significant meeting, I believe, on the Hill today," said Rep. Sheila Jackson-Lee (D-Texas), whose office, along with the Institute for Critical Infrastructure Technology and the nascent International Consortium of Minority Cybersecurity Professionals (ICMCP), helped bring the event to life.

Women, African-Americans and Latinos are dramatically underrepresented in cybersecurity compared to their share of the overall population. According to 2014 Labor Department stats, only 9.7 percent of information security analysts are African-American, and just 6.1 percent are Latino, while the broader workforce is 11.4 percent African-American and 16.1 percent Latino.

Fewer than one in five information security analysts were women, according to the data.

But as Jackson and others noted, the issue goes deeper than representative inclusion.

Get 'em young

"[T]he whole reason we're here is there aren't enough of us," said ICMCP board chairman Julian Waits. "There ain't enough white guys, there ain't enough black kids, there ain't enough anybody to cover this field."

Throughout the day, panelists offered ideas for boosting minority representation in cybersecurity, which could in turn boost the overall ranks of cybersecurity experts.

Some suggested companies and agencies take names off resumes, to cut down on subconscious racism in the hiring process. Others suggested revising the standardized tests that seem to pose barriers to disadvantaged groups.

But the most prominent themes were education and mentorship.

"The way I give back to the community, I give me," said Waits, one of several African-American men to speak to the idea that when minority kids see themselves represented in cybersecurity, they're more likely to pursue it as a career.

Entering an unfamiliar field can be daunting without role models, the speakers stressed.

"As an African-American, you go into a room and carry your whole race with you," said Howard University's Computer Science Department Chair Dr. Legand Burge III.

Burge said seeing his name with a "Dr." before it at a young age – his father, Legand Burge Jr., earned a Ph.D. in electrical engineering – helped him feel more comfortable pursuing his own higher education.

Nationwide, youth education is critical, many panelists said, since in order to maximize their potential, kids need to start down the cybersecurity path in middle school rather than waiting until college.

The National Science Foundation/National Security Agency GenCyber program may be one avenue for such youth introduction to cybersecurity. Coding boot camps for women are considered another bright spot by all accounts.