Helen Hayes
The severity and ferocity of cyberattacks are real. Ransomware, data theft extortion, and social engineering attacks continue to rise and threaten individuals and the industry. Business and government are responding, but it is proving difficult to keep up with the rapid pace of breach technology. Some industries saw a 60% year-over-year increase in the number of attacks from 2022 to 2023, resulting in about 482,000 open cyber jobs in the United States.
The need to increase the talent pool is attracting the attention of the White House, which responded by eliminating the college degree requirement for federal cyber contractors. This bold, forward-thinking move broadens and diversifies the applicant pool, but the focus must go beyond Washington to truly impact the industry. Hiring managers here in Colorado, where there are 14,400 open positions, should take note.
When hiring managers reduce barriers to employment and cast a broader network of skilled cyber technology workers, they reduce hiring costs, reduce time to fill positions, improve retention, and diversify their workforce. Unfortunately, outdated evaluation and hiring criteria do just the opposite. Instead of prioritizing digital competencies and hiring for new, relevant skills, most entry-level tech job descriptions unknowingly clog the talent pool by requiring a four-year degree to even apply. As of this writing, a search for entry-level cyber jobs on Indeed.com showed that 85% required at least a four-year degree. More than half asked applicants to have a master’s degree.
Stay up to date: Sign up to receive daily insights delivered to your inbox Monday-Friday
This practice hurts more than just employers who need to fill critical cybersecurity positions. College degree requirements perpetuate inequalities and effectively close the door to economic success for those who cannot afford a four-year college education. The Census Bureau reports that more than 62% of Americans over the age of 25 do not have a college degree. Here in Colorado, 70% of people born here do not earn a college degree, leaving the state reliant on importing college-educated workers from other states instead of developing local talent. With the obvious threats posed by cybersecurity and the speed at which they are evolving, Colorado employers must prioritize digital competency, acquired skills, and certifications across four-year degrees for entry-level technology roles. So why rely on the anachronistic measure of a four-year degree?
The benefits of inclusive, skills-based hiring go beyond access to more cybersecurity candidates. By eliminating discretionary degree requirements, companies add diverse perspectives, work toward diversity, equity, and inclusion (DEI) goals, and provide opportunities for more Coloradans. Companies and human resources executives must be willing to look beyond the check-here box for a degree. Fortunately, several forward-thinking organizations in Colorado are, and a CompTIA Workforce report shows the idea is gaining traction among human resources professionals.
Ardent Mills is North America’s leading flour supplier. Sarah Herzog, its senior director of strategy and collaboration, has embraced skills-based accreditation, saying: “We believe that having multiple paths to develop a skill set in technology and business knowledge is critical to having a long-term sustainable workforce. Having a mix of roles that don’t all require traditional college degrees but offer entry points to different backgrounds allows us to better tap into a diversity of experiences we wouldn’t otherwise have.”
The Colorado Governor’s Office of Information Technology (OIT) is another advocate for eliminating the college degree requirement for entry-level IT positions and developing tech talent through apprenticeships. ILO Chief People Officer Bob Nogueira believes that focusing on apprenticeships and hiring skills has allowed the state to have a collaborative and efficient interview and hiring process, and identifies candidates who can more quickly become productive members of its equipment.
Even traditional higher education institutions recognize the value of hiring for skills. Metropolitan State University’s Cyber Security Center facilitates certification with hands-on experience for participants of 15-week cyber fundamentals boot camps, giving students the opportunity to achieve economic equity without a four-year degree.
Other advocates for hiring based on skills instead of degrees include experienced information security professionals. The nonprofit organization ISACA surveyed its cybersecurity members and found that they overwhelmingly believe that practical experience, credentials, and specific training courses are the most important factors in determining whether a cybersecurity candidate is qualified and positioned for success. .
Building cybersecurity resilience requires a solid foundation and a rapid response to the current tech worker bottleneck. Eliminating or relaxing degree requirements in favor of skills-based qualifications for entry-level technology jobs expands the talent pool to fill jobs faster, while creating an economic and community boost for our citizens and the state.
With strong partnerships and a new approach that rethinks what’s important, we can address Colorado’s cyber technology talent shortage and shore up Colorado’s industry and economy against attacks.
Helen Young Hayes founded ActivateWork, a nonprofit recruiting, training, employment and mentoring organization that offers post-secondary credentials that advance economic mobility and IT careers for exceptional and diverse technologists.
[fifu]
Keynote USA
For the Latest Local News, Follow Keynote USA Local on Twitter.