top of page

CREST Shares How Equity, Inclusion, Diversity Could Bolster Strong National Cyber Security Strategy

CREST, a global not-for-profit community of cyber security businesses and professionals, has launched a best practice guide aimed at fostering greater equity, inclusion and diversity (EID) in national cyber security strategies. The guide provides practical information for government departments responsible for developing a National Cyber Security Strategy (NCSS) that is more diverse and inclusive. The NCSS is a framework describing a nation’s strategy to ensure a resilient, trusted and robust cyberspace. A clear plan to grow and nurture the talent pipeline is part of this strategy, ensuring that people have the right skills to fight ever-evolving cyber threats to national security.

CREST CEO Nick Benson says that a more diverse workforce would deliver myriad benefits, including fresh, creative perspectives on how to solve complex security problems. The 2021 Cyber Security Workforce Study from (ISC)2 indicates that organizations need 2.72 million additional professionals to defend their critical assets adequately.

The 33-page free guide provides up-to-date descriptions of what equity inclusion and diversity mean in the context of the cyber security sector, including age, disability, neurodiversity, gender, sexual orientation, race, religion and socio-economic background.

The guide describes how to include EID considerations in an NCSS, with examples of international strategies that have taken EID into account. The report delivers examples of good global practice and how to measure the success of a strategy. However, the report stresses that EID is about more than simply including policies in an NCSS. Recruiting and retaining more diverse cyber security professionals requires genuine collaboration with all stakeholders in the cyber security ecosystem.

The report is one of several produced by the not-for-profit organization to help build capacity and consistency in the cyber security industry, aimed at companies and individuals who need to understand the importance of EID in cyber security strategy. ###


bottom of page