Written by Fred Sheu, National Technology Officer, Microsoft Hong Kong
During my career in the tech and cybersecurity sectors, I’ve seen many developments and innovations in how we keep online threats at bay, from physical security tools to the newest cloud technologies. Most recently, I’ve witnessed the evolution of AI (artificial intelligence) and its ability to recognize threats and patterns at scale that can empower cybersecurity professionals to manage threats more effectively.
AI has been a huge boon for online safety, arming organizations with innovative and cutting-edge tools to counteract digital threats. For example, Microsoft receives more than 8 trillion security signals per day, and AI allows us to sift through the data to find deeper meaning in ways we never could before.
However, hackers haven’t stood still either. Attackers have gotten smarter and begun to look to AI for malicious purposes. Cyber-adversaries are a cognitively and experientially diverse set of actors and it is because of this, that the security sector needs an influx of diversely skilled talent if it is to keep pace with this increasingly challenging and varied landscape.
This is ironically where we are lacking the one thing AI can’t provide: humans.
While AI is a fantastic tool to help humans achieve more, in the end, it is a tool which requires people to use and deploy. And with the pronounced lack of cybersecurity professionals in the workforce worldwide, we will become increasingly vulnerable until we shore up our current talent situation.
Encourage Diversity to Address the Talent Gap
Currently, estimates range there are anywhere from hundreds of thousands to millions of jobs that won’t be filled in the industry in the next few years, with many more new jobs being created each year. Even though 71% of STEM jobs are in computer science, only 8% of STEM graduates are going into computer science jobs. By 2030, 50 million more people will be needed to fill open tech jobs. This labour crunch also has secondary effects on organizations. Cybersecurity professionals note increasing workload on existing staff while overworked staff often leads to exhausted or burnt-out workers. Their time is also often disproportionately spent on incident response rather than long-term, strategic planning.
One of the fastest ways we can address this gap is to increase diversity in the sector. Women currently only make up around 20% of the cybersecurity field. And globally, women are underrepresented in STEM. According to a research by The Women’s Foundation, about half of female students in Hong Kong would choose STEM-related electives in secondary school, but only 4.1% would choose to work in STEM-related industries compared to 17.5% of the male counterpart. This is a challenge that we need to address. The government announced in the 2020-2021 Budget that it is setting aside HK$40 million to subsidize internships for undergraduates and postgraduates taking STEM programs in local universities. The latest investment, together with the efforts by businesses and the industry will help nurture more technology talents and inclusiveness and diversity in cybersecurity.
But male versus female workers is just one aspect of diversity. Cognitive diversity includes different ways of thinking and problem-solving that can be influenced based on where one was raised, educational focus, and social mores. Cyber adversaries come from many places and backgrounds – cyber professionals should too. As we change the ratio and build a more diverse workforce, we will likewise start addressing our resource gap, and build stronger teams that can make more headway against cyberthreats.
Two-Pronged Approach to Build a Stronger Industry
Our two best weapons against cyberthreats are smart, diverse people working with and benefiting from the power of AI. The more skills and knowledge we can collect and put to use as defenders, the more effectively we can operate and benefit from new technology.
Microsoft is devoted in increasing diversity in the cybersecurity sector, and I know that by continuing down this road we will start to address the current talent gap, creating a more varied and robust cybersecurity sector, and ultimately creating a safer online world for everyone.
# # #
