Breaking the Mold: Envisioning the Cybersecurity Workforce of the Future

The Cybersecurity Midwest Summit 2022, hosted by CDO Magazine and ComSpark, conducts discussions on cybersecurity in the session “Breaking the Mold: Envisioning the Cybersecurity Workforce of the Future.” The following panelists discuss diversity in cybersecurity and share organizational strategies to achieve it:

• Jon Rike, CIO, City of Dayton

• William J. McCaster, Vice President & Chief Information Security Officer, Ohio National Financial Services

• Bryan Willett, Chief Information Security Officer, Lexmark International

• KL Allen, Chancellor, WGU Ohio

Nick Schroth, Strategic Partnerships Manager, WGU Ohio, moderates the session.

As a CISO, Willet ensures that spending time with employees is a crucial leadership investment strategy. He adds, “There are financial investments that we can make in training, but it is all out of context unless the employee understands where you are as it relates to supporting their career trajectory and aspirations.”                        

According to Rike, it is crucial to coach employees and help them understand how to secure the environment while sustaining business. Sharing his opinion on the subject, McCaster says “We invest in our employees to motivate them intrinsically and extrinsically. Employees with excellent soft skills, alongside technical skills, become successful in cybersecurity.”

Willet maintains that individuals must understand business. The next three characteristics required for success are grit, persistence, and persuasiveness. He adds that prioritizing workforce diversity is a must as organizations compete for the same scarce pool of candidates. 

Further, Willet hopes to promote diversity in cybersecurity by getting deeper into the business to find people with an aptitude for security. Concurring with the other panelists, McCaster says “I think it starts with the recruiting process, not pattern matching for skills and talents and people that you already have. You are not trying to build a fraternity. You are trying to build a workforce.”

He also said that misconceptions about entering the cybersecurity field include requiring a college degree, mastering technology, and limited opportunities. For someone willing to enter the cybersecurity realm, McCaster suggests the following:

• Have an interest in cybersecurity.

• Have a mentor in the security field.

• Take advantage of cross-training opportunities.

• Join workforce development programs.

“No role within IT has evolved more than the CISO,” Rike says. He asserts that the cyber landscape has a place for everybody, and he urges organizations to educate the workforce about cybersecurity programs.

The panelist believes that CISOs are at the same table as CIOs and are helping mitigate risk. With great storytelling, the CISO helps analyze the situation and get decision-makers the clarity needed for decision-making. “It started as a highly technical role and has evolved into one that is more of a leadership role,” Rike notes.

According to Willet, future CISOs will be business-oriented and need to create awareness about financial risk management. “If we can get the education system to incorporate that into the engineering field, it changes the dynamics of what a CISO needs to be later on,” he says.

Sharing his viewpoint, McCaster says “Information security is not IT, but a business within itself. It needs to run and operate like a business and be concerned about the right cost.”

To prepare individuals for leadership roles, Willet recommends experiencing multiple business areas to understand operability. Citing an example, he mentions hiring outside IT and security organizations while hiring for governance and architectural roles.

In conclusion, Rike advises individuals to be committed to a lifelong learning process and think strategically to succeed. 

Watch other Cybersecurity Midwest Summit 2022 sessions HERE