Podcasts
Special Editions
Ep 66
Special Editions 6.27.24
Ep 66 | 6.27.24

2024 Cyber Talent Study by N2K and WiCyS.

Show Notes
Transcript

Dave Bittner: Maria Varmazis, N2K host of "T-Minus Space Daily", recently spoke with WiCys Executive Director Lynn Dohm and a panel of N2K experts including Simone Petrella, Dr. Heather Monthie, and Jeff Welgan, all about the 2024 Cyber Talent Study. [ Music ]

Maria Varmazis: Hi everybody, and welcome. My name is Maria Varmazis and I'm thrilled to be here talking with a fantastic group of people today about the Cyber Talent Study. All right, before we get into that, before we get into what that is, I think it'd be great if we start first with introductions from each of our guests today. Lynn, you're at the top of my screen, so why don't you go first?

Lynn Dohm: Sure, thank you, Maria. So I'm Lynn Dohm. I'm Women in Cybersecurity Executive Director. We often go by our acronym, WiCys, and we pronounce it we-sis, like "we sisters", because we're a global cyber sisterhood. So our mission is to recruit, retain, and advance women in cybersecurity. We have over 9,800 global members and representation in 99 countries. In addition to that, we have 270 student chapters and 70 professional affiliates all around the world. So each and every day, we're running many, many different programming efforts with the reach of over hundreds of thousands of individuals, really driving the change that's needed within the cybersecurity workforce. But it's important to note that we exist because we're at a critical workforce shortage. And our mission to recruit, retain, and advance women is bringing accessibility and opportunities for women to step in this space. So that's what led us to partnering with N2K and this very fabulous Cyber Talent Study that we're going to be talking about today.

Maria Varmazis: Fantastic introduction, Lynn. Thank you. Keep in mind all those awesome things you said as we go through the next intro. Simone, why don't we go to you next?

Simone Petrella: Man, Lynn, you have that so down pat that I don't think I could ever compete with that introduction. But I'm Simone Petrella, President of N2K Networks, and our mission is to provide strategic workforce intelligence for the cybersecurity profession, and that includes everything from the talent insights that we need using data to inform strategic decisions around the workforce and experience shortages that we experience in cybersecurity, how we think about learning plans and development as it comes to training and developing that workforce, and most importantly, because of our name, it is not only N2K, but it stands for "News to Knowledge", and so providing the professional development through the daily industry news and current events that we get through organizations and podcasts like the N2K "CyberWire".

Maria Varmazis: Awesome. And Jeff, over to you next.

Jeff Welgan: Yeah, great. And it's hard to follow these two. But my name is Jeff Welgan. I'm the Chief Learning Officer at N2K. And really, my role at N2K is to oversee our Cyber Talent Insights Team and capability, as well as our Training development Team. So, you know, we get an understanding of workforce needs and are able to backfill those skill shortages and knowledge gaps with great training, or at least training recommendations. I'm honored to be part of the study in the sense of just driving the mechanisms and capability to kind of analyze the data and get that data, and provide some really great results.

Maria Varmazis: Fantastic. And absolutely last but not least, Heather.

Dr. Heather Monthie: Hi Maria, my name is Dr. Heather Monthie. I am a cyber workforce consultant with N2K. I've got over 20 years of experience in STEM workforce development, a former university dean and professor. And now I work with N2K and our customers, our clients, to build out training plans for their cybersecurity teams so that we can identify some of the skills gaps that might be on the teams and how do we put together training plans and pathways, career pathways, that are effective and that actually work. And so that's my -- my role here.

Maria Varmazis: Awesome, thank you all four of you, for those great intros. And as I sort of teased at the top of the show today, we're talking about the Cyber Talent Study, which is what brought N2K and WiCys together. And I'm super curious, like, how that conversation went on, how this came about. I kind of want the origin story for this study. Simone, Lynn, which one of you wants to take that? You want to answer, like, how did this get started? Go ahead, Simone.

Simone Petrella: Yeah, I'm happy to kick it off. So, one of the, I think, things that's very important to us here at N2K is around, you know, we take our whole livelihood, our meat and potatoes, is dealing with how to provide data that tackles and can make an impact on the cybersecurity workforce shortage, talent shortage, experience shortage, however you want to categorize it. And that includes -- and one of the things that we have always felt very passionately about, is that you can't solve that problem if you also don't incorporate diversity into that conversation. Because we're not going to be able to make a demonstrative impact if we only focus on what is sometimes an under-representation of women and minorities in the field. And so having connected with Lynn first at an event in Minneapolis, we really shared a common vision around how do we encourage and propel more women to get into the field. But I'd say even more importantly, how do we think about those drop-off points when there's that glass ceiling, or how do you actually get women to stay in cybersecurity and STEM fields? And so we started to sort of talk about how we could work together to help WiCys as an organization, A, tell its great story about the mission that it's doing and what it's contributing to getting more women into the field, but also provide some perspective on how do we maintain and provide really aligned programming that kind of solves some of these problems that we see throughout the entire journey of women in the cybersecurity field.

Maria Varmazis: Yeah, Lynn, anything to add to that? Because I know WiCys has been doing fantastic work around, you know, talking -- getting women more involved in cybersecurity in general and also up-leveling them. So I'm so curious, your view on, you know, the study and the need.

Lynn Dohm: Yeah, I mean, the need really came from Simone and I syncing up at that event about a year ago, which was just a great conversation as it started. And then we started looking at, like, how can we partner and solve and tackle this challenge together. So WiCys last year started investing some time and attention and looking at retention for women in cybersecurity, and what is the state of inclusion. And through that study we discovered some really important findings. And one of those was that there's a -- women experience sources of exclusion at a higher level than most individuals in the cybersecurity workforce, which would be men. And that source of exclusion is coming from career growth and advancement. And so we started looking at, Well, how are women performing in cybersecurity as cybersecurity practitioners and in their careers? And that's what led us to exploring further of at what capacity is the state of women's cybersecurity, and what is their level of performance? And we were able to utilize the N2K's NICE diagnostic assessments to do that, and that's what led us to, you know, moving forward with this study and to be able to report on these findings. Is not only do we want women to get into cybersecurity, but we want them to stay, and we want them to advance in their careers because of it. And we felt like this study was an interesting way for us to look at what is that performance, what are their areas of strength, and how could they leverage that to advance in their careers? And so that led us to this important study.

Maria Varmazis: Awesome. I do want to get into the results of the study, and that's my champing at the bit for that part. You did mention the NICE framework -- the NICE diagnostic, I should say. Jeff, this feels like a good moment for you to come in and just tell us a little bit about what that is.

Jeff Welgan: Yeah, no, I appreciate the opportunity. So we have fortunately a few years ago created a diagnostic assessment or tool that's aligned to the NICE framework. So, essentially we're asking a number of questions and then assessment that align to key roles, knowledge areas, task areas of the NICE framework. And by doing that, we're then able to analyze the results of those questions in relation to those knowledge areas. This is even more supported by collecting a few tidbits of extra information from some participants. So, like, understanding experience levels, understanding what we call functional grouping, which is an additional taxonomy that N2K has added to our analysis of the framework. Meaning, like, you know, generally speaking, what kind of functional group do you work in in cybersecurity? Are you in analysis, offensive security operations, GRC, et cetera? So we have that layer on top of it as well. So by getting results of performance data on those questions, combined with experience levels, and combined with, like, a functional perspective, allows us to really parse out the data in meaningful ways and kind of say, Hey, this group of people perform this way, or more junior people are outperforming in one area or underperforming in another area. So, that is really the tool that allows us to deploy really great, you know, insights into this workforce. I'll also kind of make a plug, though. NICE just did an update to the framework this past March. So we're actively working to update our diagnostic to reflect those newest changes. So, there's some pretty significant changes in that and we're excited to be releasing that soon.

Simone Petrella: Maria, one thing I just want to sort of, like, kind of comment on is one of the biggest challenges that we have in the profession and we talk about cyber workforce as an industry is around data collection. And so there's lots of opportunities to sort of understand and collect data on, you know, what positions are out there or how many openings are there for jobs. But where you start to -- I think one of the things that was most exciting to us is that with working with WiCys, you can look at that external data around what are the roles people are filling in, what are they in? But then you're now looking at -- you're collecting another data input around the performance of the individuals themselves, and you can compare them against that role. And so that's really powerful because you're turning pure data collection into insights that, like, the individual members can use to understand where they want to go, but then we as organizations can kind of get a better sense of what is the impact of these, you know, of where women go? How do we think about how to keep them in the field? What does that pathway look like? So that's just, you know, data, everyone likes to talk about data and machine learning and AI, but that's where it really becomes compelling.

Maria Varmazis: Yeah, and organizational change can happen after that point. Yeah, go ahead, Lynn. Yeah.

Lynn Dohm: Yeah, and another great -- and thank you for that, Simone, is because another great area for us as a nonprofit sitting in this space is it helps us identify areas of growth opportunity and some gaps, and how could we as a nonprofit build programs to help bridge that gap and help overcome some of those challenges that are identified here. So not only is it an opportunity for our WiCys members to participate in the actual assessment and study, but also as a way for us as a nonprofit to be able to develop very intentional programming for making -- you know, for helping overcome some of the challenges.

Maria Varmazis: Fantastic. Well, we've teased a little bit about the study, so let's get into the data. Heather, this feels like a good time to bring your voice in. Do you want to walk us through either, maybe we go by functional groupings, or I don't know if there's a way that you prefer to sort of look through this data set, because there's quite a lot there. But I'm thinking maybe it makes sense to go through the groupings first? Would you like to walk us through it?

Dr. Heather Monthie: Yeah, let's do a review of the NGK functional areas. So, what N2K has done, what Jeff has started talking about a little bit, is what we've done is we've taken the NICE specialty areas and created these what we call functional areas or functional groups to really just, you know, group this information at a higher level. One thing I really -- I really like about how this study was done is that some things that we do know about women in STEM fields and women in male-dominated fields specifically, that oftentimes when you are looking at yourself and your own skills, women in particular will rate themselves lower on a self-assessment than men will. Men will actually rate themselves higher than what they actually are. So you don't get a true, you know, sort of benchmark of where your team is. So if you're managing a team, you're leading a team of 30 cybersecurity professionals and you all ask them to rate themselves on these particular skills, generally speaking, the men are going to rate themselves higher and the women are going to rate themselves lower, even if that's not a true understanding of where they actually are. And what I really like about how this study was done is this is hard data showing this is where WiCys members really excel compared to the rest of the people that have taken this particular assessment. And what we found is there are four different functional areas that WiCys members excelled above and beyond the other people that have taken this assessment. And the four areas are these - communications and network security, cyber workforce training and awareness, cyber IT leadership and management, and then IT policy and GRC or governance risk and compliance. So generally speaking, the WiCys members that took this assessment, those are the four areas that they really excelled. What we did find when you look at it across all of the different NICE specialty areas, and like Jeff was saying earlier, there has been some changes to the NICE framework. This is using the current version of the NICE framework, using those different specialty areas. And WiCys members excelled in nearly all of the different specialty areas on the NICE framework. So I really think it shows that some of the things that WiCys is doing, building this community of people who are supporting women in cybersecurity and helping them develop out their skills, the things that WiCys is doing is working. But I also think it shows that there is, you know, there were a lot of people that took -- the majority of the people that took this assessment identified as being in sort of a junior role. But we see things like leadership and policy and strategy and cybersecurity awareness and some of these more higher-level, you know, strategic initiatives that are happening across the board at a company, we've got junior members that are excelling in those particular areas. So I really think this shows that companies have a lot of potential talent in their junior teams, and figuring out ways to expand upon that potential and help them grow within that company, you know, through a career pathway, specific training, you know, leadership development, that kind of thing.

Maria Varmazis: Yes, Jeff, I see you wanted to add something.

Jeff Welgan: Yeah, no I just wanted to maybe elaborate and just add one point, a minor clarification to the points that Heather made. Actually, the WiCys members outperformed all others who have taken our diagnostic in every NICE category, you know, per the previous version. So there's seven categories in the NICE framework, analyze, collect, and operate, operate, maintain, investigate, oversee, govern, protect and defend, and securely provision. They've since had some new names assigned to them. The point, though, that I'm really highlighting is that WiCys members did better in all of those areas than all other participants when we kind of compare those two groups, which is amazing. And I think it really kind of made us start thinking about, Well, what's WiCys doing? You know, like, is this something that can be attributed back to WiCys specifically and how they support their members, or is it something else? And, you know, I think we're still, you know, getting our heads around that, but I think WiCys has done a lot of really great programming and I think there's something there to it. So I can always turn it over to Lynn to elaborate on that point too, where they've supported members, yeah.

Maria Varmazis: I was going to say, Lynn, what was your reaction when you saw that? You must have been like, Heck yeah!

Lynn Dohm: You know, just hearing it here today, I'm like, it's celebrating again, once again. It's like something, you know, worthy of being celebrating for all our WiCys members. And so WiCys being the community to not only advance in your careers, but also pay forward additional opportunities, this is what we do. I mean, we're here to put together initiatives to be able to grow and advance and develop our members into their cybersecurity careers and provide those, you know, advanced opportunities for where they go ahead. But a lot of our initiatives are focused around, you know, more skill development and providing different training, different programs. What's unique about WiCys is the wraparound services is not only are we interested in putting a programming effort together, but it's also about having technical mentors in that. To have Ask me Anythings, to have open office hours, to develop a cohort. Because we know that their community, the strength really lies in the community and the effective communication that they have amongst themselves. And so all of our programs are really focused around growing and developing that cohort experience, and everyone to lean in on one another through their career advancement and also have that network now. It's about forming and building that network, and instead of women working in silos, not only in their jobs but not having a community to have around them, we're helping, you know, fulfill that void that currently exists for a lot of folks in the industry.

Maria Varmazis: We'll be right back. [ Music ] Members of WiCys and people who took this specific study, one could argue that they're more career motivated, they in a way sort of self-selected one could say. But at the same time, I imagine we could also extrapolate the findings from this study and think about how it can apply to women across the cyber workforce in general. I'm just curious, any thoughts on that? Maybe Heather, I haven't heard as much from you, maybe any thoughts on that there?

Dr. Heather Monthie: Yeah, I think this goes to show just, you know, sort of what I was saying earlier, is that, you know, when we're looking at recruiting, attracting, and retaining cybersecurity talent, when you're trying to build a diverse team, you've got to look at some of the things that make qualified applicants self-select out, so out of that hiring process, right? And so while we see in this diagnostic, we see in the data that women are excelling in, you know, a lot of different areas within cybersecurity, but when we start putting out job descriptions where, you know, we're looking at, you know, a level one or level two analyst type of role and we're listing out 15, 20 different pieces of software they want to have somebody to have experience with, and maybe the mindset is let's just put this out there and see what we get, let's see who applies. The issue is that women look at that in general, women look at that and go, I don't meet 100% of these requirements, so I'm not even going to bother applying. And so they self-select out. So by really understanding sort of where the workforce is, where we see the strong points of the women in cybersecurity members, the WiCys members, and then, you know, really having that understanding of how we do our hiring process when we're looking at, Okay, we need to get more people in the door, we need to get more people -- more qualified people applying for these jobs, how do we do that? So how -- what can we change about our recruiting process? What can we change about our job descriptions so that they're more attractive to the right people, versus we're just going to, you know, shoot for a unicorn and see what we -- see what we get.

Maria Varmazis: Yeah. Yeah, it's a familiar issue and not just in cyber but in a lot of tech world jobs as well, that whole unicorn hunting phenomenon. So, a question to the group. I'm always curious when we do studies like this about things that might have surprised you from the results. Anyone find anything surprising from these results that, you know, you were really just like, Wow, that's interesting?

Jeff Welgan: One, I think the outperformance was surprising. You know, I think this is not an easy diagnostic. It's very difficult. So to see across all NICE categories was surprising. You'd expect maybe, you know, some here and some there, but 100%, that was surprising. I think the other thing that leaves me questioning and hungry for more information is around the representation. Because when we looked at the representation of WiCys members who took this and we're asking them, Well, what fields or what functional area do you associate with? We see really low representation in operational technology and engineering, and in data engineering and analytics. Now, you could make an argument that maybe there's just -- those are smaller functional fields in cybersecurity, so maybe the smaller representation there, it correlates to just the broader cybersecurity field. I don't know, but I don't think that's the case. We only had three members in our 399 participants who identified in operational technology and engineering. And we're talking about ICS SCADA systems. And, you know, just based on experience, you know, working with people in those roles, they're male-dominated subsets of the field. So I'm really interested in, you know, figuring out that a little bit more and just kind of learning a little bit more about how, you know, Is that true? Do we have a real big deficit in those, you know, areas? And if so, you know, what can we do to help promote more diversity in these, you know, niche parts of the cybersecurity industry.

Maria Varmazis: That's a great point. That makes me think of a whole bunch of possible cultural reasons that could contribute to that. But I won't conjecture since it's not my study.

Jeff Welgan: Well, I think it's a fair point, Maria. I mean, like, you're the host of "T-Minus", and you're a space nerd, right? Like, you probably see this in that field, too, in aeronautics and space. Probably less women representation there, too, I'm just guessing.

Maria Varmazis: It's even less than cybersecurity, in my anecdotal experience coming from cybersecurity going into space, I was like, Wow, it's even worse in space. But the Queen Bee phenomenon is the phrase that sometimes comes up and I remember it came up a lot in my cyber years. I don't know how much we want to get into anything like that, but it's certainly sometimes some women self-select out because they go, I don't need things for women. I'm doing just fine on my own. That kind of stuff is for women who need help and I don't need help. And that's a whole other cultural discussion. Again, that is a very silent thing. I'll just leave that alone. I'll just leave that there. Yeah. But Simone, I see that you wanted to add something as well.

Simone Petrella: Yeah. Well, one thing that surprised me and yet didn't surprise me at the same time, was we obviously saw a kind of a really high volume of respondents that identified as more junior in their roles. And that was, you know, across the board, especially in technical roles. And I will caveat this to say it's hard to tell from the data whether because we had a separate management and leadership category, whether everyone kind of flowed over there. But it did strike me to see how much the levels of technical identification in roles that are technical in nature, like at the junior level, like, it started to drop off. And we saw less and less representation at the mid and senior levels. And I know something that Lynn and I have talked about and WiCys is incredibly passionate about, is the idea of when are women selecting out in the middle of their journey in cybersecurity as a profession? And why are they choosing to leave? And there's all kinds of cultural phenomenons and things like that. But the reason I found that so interesting is because it's not only around the membership and the women who are part of WiCys, but it's about all those corporate partners and, like, the industry and the ecosystem that surrounds it to say, What do we do, what do we now need to do or what do we need to promote so that organizations are prepared to support the development of individuals, and women in particular and anyone in a minority, once they're on that career journey? And that's not just support in technical training or career pathing. All those are important too, but then what are the cultural implications? How do you prevent them from wanting to step away potentially from the workforce?

Maria Varmazis: Yeah, it's sort of like once they're -- we're trying to get people through the door, but once they're in, what happens next? And people kind of go, I don't know, not much left for me there. Yeah, Lynn, please go ahead. You're having these conversations every day, so I'm so curious to hear your thoughts.

Lynn Dohm: Yeah, and that's why it's really important to have more data and to be able to dig in deeper into this information, is for our employer partners to really put intentional actions in place to avoid these pitfalls that women are experiencing in their career. And to piggyback on our state of inclusion assessment, it is showing that women are experiencing that glass ceiling around six to ten years within their career. So, what are we doing to overcome these challenges? And now we have data to help support what we've always heard. You know, what we've always heard all along and now we finally have some data and some real good valuable insights to share with others so that we could start, you know, making a difference.

Maria Varmazis: So, follow-up question for you, Lynn, then. Recommendations to organizations. And we've touched on this a little bit, but truly, I mean, this is not on an individual to take on and be like, I'm going to change everything. We need organizations to really step up and make some big changes. So what do organizations need to know?

Lynn Dohm: Organizations need to listen to this podcast and to understand that this is a launching pad. Like, this is an opportunity for them to take the information from the Cyber Talent Study and utilize it as a tool and to be able to understand that these are the main areas and pinpoint those challenges and to start really having these conversations about what are we going to look at our internal talent to ensure that they're not stuck in these common pitfalls that are being identified. Also, if you balance the diverse talents that are on your teams at around five to six years of an individual being in their career, to ensure that they have a very clear career growth and advancement mapped out in front of them. And as a direct manager to those individuals, that they're being very -- you know, they're paying attention. They're paying attention to the data that's being reported and if the value of their team is really crucial to them, then they would really pay attention to that career growth ahead of them as well. >>> Maria Varmazis: Any other advice for organizations in terms of takeaways here? I just want to see, Simone, go ahead.

Simone Petrell: Totally, I mean, totally agree with Lynn. Everyone should listen to this podcast. So let's get it out there. But, you know, to sort of add on to that, you know, organizations, you know, I'm going to throw the gauntlet at organizations to say those that are investing in talent development, they are, you know, sponsoring organizations and events that are committed to this. You have to then be able to also invest the time and the attention internally to be able to absorb it and find that career path. And I think it's really easy for organizations to say, We're going to put our name on this and we're going to do it, but then they're not committing to actually executing on the strategic vision to make that a reality and actually move the needle when it comes to changing the dynamic of women in the cybersecurity workforce. So, you know, my recommendation to them is forge the partnerships, create the relationships, but then do the work internally to understand what is your cybersecurity talent strategy? It is the largest operating expense that you have in your budget. I don't care how much money you have for tech. The biggest operating expense you have is in people, so you are already wasting money and you can spend it more efficiently for the little bit that you have if you actually come up with a plan for them. Men, women, minorities, anything, yeah.

Maria Varmazis: Yeah, yeah, no, that gauntlet has been thrown, everybody. It's down, let's do it. Yeah, I mean, this is not to disparage the study at all. This topic is not new, and I'm so glad to see that there's data around it, and it's been a very hard problem to get around because of all the many different facets to, you know, what a career growth is, you know, social dynamics, everything. I mean, it's been discussed ad nauseum. So it's so wonderful to see the actual data that people can look into it, they can dive into it and really sink their teeth in, and try and figure out how to make it relevant in their organization and also for the people on their teams. It's really fantastic stuff. So Jeff and Heather, I know I haven't heard from you in a little bit, I wanted to also get any thoughts from you about what you would like to see maybe organizations do with this information. Heather, do you want to go first?

Dr. Heather Monthie: Yeah, I think that this is -- this really does show that there are a lot of opportunities for WiCys members to step into leadership positions. And so making sure that, you know, as an organizational leader, that you've got the things in place to be able to help those people that, you know, have really figured out that they're good at these kinds of things. How can they progress in your organization versus silently going and looking for other jobs elsewhere and you're going to lose that talent, you lose that organizational knowledge and maybe even that industry knowledge. So figuring out ways to you know, really identify who these people are that are in your company that you know that they want to progress in their career, and helping them do that. That you've got something, you know, some sort of career pathway or some sort of mechanism that they can learn about the different opportunities in the company and make it easy for them to make that shift, whether it's a lateral shift, whether it's a promotion, whatever it may be. Don't put in things, processes and policies and things like this that make it difficult for them to do that, and then you end up losing that knowledge.

Jeff Welgan: Yeah, I was just going to say, I think I would like to maybe just highlight that this is just the start. You know, and it should be a start for any organization, wherever they're at in this journey. And I think it's important for organizations to realize it's important to start, but it's even more important to continue on with the journey. Like, I'm excited about looking at this in the future again, with WiCys, and, you know, let's go through another diagnostic in a year or two, whenever the right time is, and keep track of it, and let's use this data as a starting point along a journey to make adjustments where adjustments are needed. You know, and sometimes that is in a training and development plan and what can we can position to members or employees to help them in their career goals as it relates back to the organization. Sometimes it's refining job descriptions, to Heather's point earlier. How can you use the data to better reflect job descriptions and include, you know, make sure you're being inclusive in those descriptions so you don't exclude potential candidates. Sometimes it's part of a retention strategy. So the data I think that I want to highlight here is it's giving us insight into a static moment across some WiCys members who participated. But what it will do for us long-term is start evaluating and looking at these other components that Lynn was highlighting earlier, like, How does it tie into the diversity component? How does it tie into training programs? How does it tie into how we think about recruitment? So I'm excited about, you know, taking that journey and kind of, you know, seeing where the data can take us next time as we look at it with some longevity.

Maria Varmazis: Fantastic. I know we're starting to wrap up and we're coming close to the end of our time. I just want to give everyone a chance to do sort of a parting thought. Thoughts maybe what's next in the more short term? I know we've talked a bit about, you know, we need to revisit the study maybe in a year or two, but in the shorter term, what is next? Maybe Lynn, we'll start with you.

Lynn Dohm: Well, first of all we're going to take the time when this study gets released to celebrate WiCys members. I mean, let's just say here, outperforming all other participants in all the categories is quite an accomplishment. And like Heather showcased, you know, for junior folks to be performing at, like, these leadership roles, like, this is a time to really be empowered by that data and for our WiCys members to just, you know, pat themselves on the back and say, What are we going to do with this ourselves. The second thing is be on the lookout of what's to come. Not only more assessments available in the future to identify more additional data, but also training programs that are going to help support some of the findings of the study itself. So there's a lot to unpack here, and there's a lot to be super enthusiastic and excited about additional programming efforts moving forward. So we're really excited.

Maria Varmazis: Fantastic. I'll go, Heather, if you want to go next, then Jeff, and Simone, I'll have you wrap up.

Dr. Heather Monthie: Yeah, my advice is really more for the individual person who is trying to either get into this field or maybe progress in your career is to apply for the job. You see the job postings on LinkedIn, Indeed, wherever they may be. And even if it says there's 908,000 applicants already, apply for the job.

Jeff Welgan: I would say, you know, for my parting thought is that, you know, we have -- I'm going to be a little bit self-promoting here. We have this capability to help organizations get the same kind of insights into their own workforce. And I think the intelligence we can provide to those organizations and the key leaders who are making those decisions on their talent and talent strategy, there's a solution for you. And you can be empowered to do something with that data. So I would leave any listeners with that thought, that, you know, feel free to reach out to us. We are passionate about this mission set, just I would say workforce intelligence around cyber and how we can support teams. So we're happy to support you and your talent development strategy.

Maria Varmazis: Last word to you, Simone.

Simone Petrella: Well, I think first and foremost, my kind of what's next immediately is, you know, Lynn and I have talked about we are very committed to taking this message out on the road. We're going to be presenting the findings of our study at the upcoming NICE conference. That's the National Initiative for Cybersecurity Education. So they have their annual conference. We'll be presenting there. And we'd like to keep using any forum we can and any stage we can to sort of proselytize the importance of the work we're doing, the type of insights you can get from collecting this type of data, understanding the WiCys message, understanding how you can implement it in your own organization. And I think that that has to be put on a bigger and bigger stage over time. And then, you know, as far as what's next for N2K, I'm really excited to see where we start to make recommendations on programming with WiCys and where, like, what that looks like for them and how do we actually get the feedback on what programs they implemented and how do we track, you know, what is working and kind of where folks are on their journeys in this field.

Maria Varmazis: Fantastic. Lynn, Heather, Jeff, Simone, thank you, all four of you, for joining me today and for walking me through this fantastic Cyber Talent Study. I'm looking forward to seeing everything that comes out of the study and all the follow-up steps. This has been a great chat, so thank you all for joining me today.

Dave Bittner: That's Maria Varmazis, host of N2K's "T-Minus Space Daily", along with WiCys Executive Director Lynn Dohm and N2K's Simone Petrella, Dr. Heather Monthie, and Jeff Welgan. You can find more information about the 2024 Cyber Talent Study in the show notes. [ Music ]

Special Editions
Podcast Info
HOST(S):
Dave Bittner
Dave Bittner is a security podcast host and one of the founders at CyberWire. He's a creator, producer, videographer, actor, experimenter, and entrepreneur. He's had a long career in the worlds of television, journalism and media production, and is one of the pioneers of non-linear editing and digital storytelling.
Creator: CyberWire, Inc.