(ISC)2 commissioned an independent blind study of employees in 1,000 organisations in the UK and 250 in Netherlands, to gather insight on those responsible for hiring IT roles.

It was identified that according to 32% of respondents, companies have been “ramping up” their diversity initiatives for talent acquisition and retention, whilst 29% of respondents added that diversity has become important to their organisations because the workforce should represent the demographics in society.

A total of 74% of the organisations surveyed instituted a stated diversity value or program in the last 2-5 years, with a further 16% following suit in the last 12 months. It was also found that 40% of survey respondents stated that the HR department was the primary driver of diversity and inclusivity efforts, in comparison to 23% who said it was the senior management team and just 10% stating that it was the C-suite driving diversity initiatives.

The study wrote:

“Amid the demand for skilled and qualified cybersecurity personnel, the study confirmed that efforts to improve the hiring prospects for these roles are helping overall efforts to recruit. While diversity in hiring is prevalent across the organizations surveyed, IT and cybersecurity constitute a major part of the overall diversity hiring push.”

In regards to hiring cyber roles, the study revealed that over three quarters of respondents (77%) stated that their organisations were recruiting for cybersecurity roles in the last 12 months. Across the responses the number of roles filled ranged from 1 to 31, although more than half (55%) of the respondents said that up to 10 cybersecurity personnel were hired by their organisation over the last year.

The study looked not just at gender, ethnicity and origin but also age, with over a third of the respondents stating that 6-20% of their IT department employees are aged 18-21, whilst 35% stated that none of their IT department employees are aged 18-21. A further 24% of the respondents stated that up to half of the IT department employees in their organisations were aged 31-40. This finding displays the struggle to hire new talent into the department, and that the IT department has an age diversity profile weighted towards older employees.

Deshini Newman, Managing Director EMEA at (ISC)2 said:

“While it is important to spotlight changes and improvements in individual areas such as gender diversity, the wider diversity make-up of the IT department, cybersecurity teams and the organization as a whole can speak volumes about the realities of inclusiveness, forward-thinking and openness to new ideas and approaches in the workplace.”

“Bringing new ideas, experience, alternative thinking and approaches to the table, as part of a broad selection of skills, experience and backgrounds can inspire, motivate and help organizations to find innovative solutions to today’s IT and security concerns.”