Grant / January 2021

Evaluating equity and bias in cybersecurity related job descriptions and the impact on the cyber talent pipeline


Cybersecurity workers are in high demand but short supply. During the Covid-19 crisis, we have seen a greater need for cybersecurity professionals as e-commerce has skyrocketed, universities have shifted online, and millions of Americans are working from home on personal networks. There are also significant diversity challenges to the cybersecurity talent pool since women represent only 11-24% of the total workforce. Every day we read about another company’s data being breached. These attacks outpace defense mechanisms, and one reason for this is the lack of a competent cybersecurity workforce. The cybersecurity workforce shortfall remains a critical vulnerability for companies and nations. Conventional education and policies cannot meet the demand and we need new solutions for how to create awareness about, identify, develop, and train talent.

Our project is an exploration of the role of job descriptions and hiring policies in signaling the relevant skills for a diverse and competent cybersecurity workforce. Using an experimental NLP technology, we will test the traditional cyber job descriptions with mandatory degree requirements, against an adapted job description (removing mandatory degree requirements and creating a skills-based fingerprint). We will use a mixed method approach to collect qualitative and quantitative data from a diverse set of undergraduate and graduate students at UC Berkeley to evaluate the likelihood of (a) relevance of job posting and (b) likelihood of being a successful candidate from the student and employer perspective. We will analyze the findings with a focus on the interplay of job descriptions with automation, hiring practices and anti-discrimination laws.

Findings, Papers, and Presentations