BY Meghan is lazy08 September 2022, 14:54
General view of the Microsoft store in Oxford Circus. (Photo by Vuk Valcic—SOPA Images/LightRocket/Getty Images)
The world’s biggest tech companies have a vested interest in addressing the global cybersecurity talent shortage. By 2025, 3.5 million cybersecurity jobs will be open worldwide, a 350% increase over eight years, according to Cybersecurity Ventures, and Microsoft intends to close that gap.
The high demand for cybersecurity experts is reflected in the salaries for these positions in the United States. Microsoft estimated that in 2021, the country had 464,200 vacancies requiring cybersecurity skills and the average salary for these jobs is $105,800. Some estimates of salaries for cybersecurity workers are even higher. Companies like Booz Allen Hamilton report that entry-level cybersecurity employees have annual earnings of around $150,000. The median base salary for information security managers, which typically requires a master’s degree, is $584,000, according to a Heidrick & Struggles survey.
Despite high demand and six-figure salaries, only 3% of U.S. bachelor’s degree graduates have cybersecurity-related skills, Cybersecurity Ventures reports. This skills gap is what Microsoft hopes to change by focusing on the lack of diversity in IT and cybersecurity. Among cybersecurity specialist jobs, 83% of these positions are held by men and 72.6% by whites.
What’s Included in Microsoft’s Cybersecurity Skills Initiative
In 2021, Microsoft launched its Cybersecurity Competency Initiative, which called for the company to provide $150 million to federal, state, and local governments to support cyber protection upgrades for government agencies and pledged to spend $20 million. billion to advance their security solutions over the next five years. The initiative also included a large-scale effort to support cybersecurity education.
Microsoft works with 181 community colleges in 44 states to try to provide accessible pathways to the profession. The tech company has launched a campaign to recruit 250,000 people into the cybersecurity workforce by offering a free cybersecurity program to all U.S. public community colleges, providing college faculty training, and offering a financial support for 25,000 students. Microsoft declined to provide the full list of partner schools to Fortune.
Along with Abbott and Raytheon Technologies, Microsoft is also supporting the HBCU Cybersecurity Industry Collaboration Initiative pilot project. The program, which will run through fall 2022, involves collaboration with the engineering schools of four historically black colleges and universities: Hampton University, North Carolina A&T State University, Prairie View A&M University, and Virginia State University.
To learn more about how Big Tech is working to close the cyber skills gap, Fortune spoke with Naria Santa Lucia, senior director of digital skills and employability at Microsoft Philanthropies.
The following interview has been edited for brevity and clarity.
“Cybersecurity is going to be a strong growth industry”
Fortune: The demand for cybersecurity experts is not new, so why has Microsoft decided to launch these initiatives over the past two years?
St. LUCIA: We’re a digital business, and so when there’s an alignment between where the business is heading and where we’re heading societally, the connection between those two things is where we can really make a big difference.
COVID-19 has obviously created a ton of opportunities for digital transformation. At one point, our CEO noted that at the start of COVID, two years of digital transformation happened in just two months – and it only grew from there. Additionally, cyberattacks and threats have increased significantly. So everywhere, from our products to communities to nation states, how is Microsoft helping?
From my point of view, cybersecurity is going to be a strong growth industry. So we asked ourselves: how can we ensure that people with the talent, ability and interest, especially those who are currently excluded, have a pathway to these roles?
Fortune: How is Microsoft supporting college efforts to expand cybersecurity programs, and how are you ensuring these efforts are sustainable?
St. LUCIA: We have partnered with the American Association of Community Colleges to help build the capacity of administrations and faculty to teach computer science in all of these schools. We also partner with the National Cyber Training and Education Center (which stands for Centers of Excellence for Community Colleges) which allows schools to prove they are ready to deploy cybersecurity content.
There are many ways to find cyber talent. On the one hand, there are those people who may be in a different IT role who, with a bit of retraining, can get into cybersecurity. At the other end are the people who may never have had a chance in a technical role, but can go through the whole learning process and get those skills, certifications or credentials to enter the field.
Both of these audiences are served at community colleges across our country. Not only do they have people taking these degree programs, but there are also members of the workforce who can come in and hone their skills. Community colleges are also very affordable and they are everywhere. That’s why we think doubling the investment in community colleges is a great way to quickly fill this talent gap.
Right now there are so many cyber threats and there are so many opportunities for new jobs and new roles in this space. I think if anyone has even a little interest in solving problems and is curious about the cybersecurity field, a really good place to check it out is your local community college.
Why it’s important to break cybersecurity stereotypes
Fortune: To meet the demand for cybersecurity skills, why is it so important to focus on the career paths of underserved communities?
St. LUCIA: We have found that the more we can really target, especially to underserved populations, the better. Previously, we launched a global technology skills initiative at the start of COVID. We far exceeded our goal of reaching 25 million people and when we started to look under the hood of this initiative, we saw that certain roles were cropping up, and cybersecurity was one of them. There are many different types of cybersecurity jobs, from analysts to people who create the technology. It is also a diverse set of roles.
After realizing this was a great opportunity to hone talent and find roles for the underserved to succeed, we went out and spoke with several community colleges and asked if students were interested. and, if so, what were the barriers to producing more cybersecurity. Talent. And we found that the students are very interested. Barriers included lack of access to up-to-date curricula, limited faculty bandwidth, and students themselves often needing financial assistance to pursue these programs.
There are a lot of stereotypes about IT professionals and I think a lot of the issue of diversity in cybersecurity and IT has to do with those stereotypes. I once asked a community college manager what kinds of people were really good at cybersecurity. And he told me, honestly, anyone who’s curious and likes to solve problems. When you frame it like that, that’s a lot of types of people, isn’t it? A lot of people might say they love a good mystery or a good puzzle.
So I think we need to break those stereotypes, which is why I’m really proud that we started our work first with community colleges because it’s a system that’s very robust across the United States—and this system has many women and many students of color. If we can really leverage that infrastructure to start spreading that message, that’s a good start to diversifying the pipeline.
Find out how the schools you’re considering fared in Fortune’s rankings of the best master’s programs in data science (in-person and online), nursing, computer science, cybersecurity, psychology, public health, and analytics commercial, as well as the Ph.D. in education programs MBA programs (part-time, executive, full-time, and online).