Last week at AWS re:Inforce, a security company event that took place in Boston, had a welcoming message about diversity. It appears that given the sheer number of people needed for cybersecurity in the coming years, this could be a way for historically underrepresented groups to find their way into technology.
CJ Moses, Chief Information Security Officer at AWS, spoke about the importance of thinking differently when it comes to securing companies. “Another key part of our culture is having multiple people in a room with different perspectives. It can be introversion or extroversion coming from different walks of life or cultures, whatever allows your culture to see things differently and challenge each other,” he said.
He added that new ways of thinking could change cybersecurity teams. “I also think new hires can offer a high level of clarity to the team because they don’t have years of bias or groupthink built into their gear. So when you’re hiring, our best practices encourage you to be mindful of the composition of the interview panels, to have different perspectives and experiences, because diversity brings diversity.”
Jasmine Henry, Field Director of Startup Security JupiterOnerecently helped put together a book called A new invention of cybersecuritylooking at how women and transgender people are helping to transform cybersecurity. But to fully achieve this transformation, companies will need to hire more diverse candidates. Henry sees it as an industry responsibility to make the workforce more diverse, especially in large organizations like AWS.
“I think there are a lot of people who really want to break in. I think of it more as a skill mismatch than a skills gap, as there are people who are willing, able and willing to work. [in this field]. So I think employers, especially large employers, have a big responsibility to educate these professionals, upskill their own workforce, partner with community groups… educate people who want to take on these roles,” Henry said.
She said that when people like her take to the field, they can help others climb the ladder, helping them gain the skills they need to work in the field. “I am a first generation college graduate, I am not from wealth. Security has made me middle class and I’m proud of it. And I’m very passionate about mentoring others, especially first-generation college graduates,” she said.
In general, the tech industry doesn’t handle diversity very well. According to Zippia recruitment site, only 25% of tech workers are women even though they make up half the population, 7% are black despite being 14% of the total US population, and 8% are Hispanic despite being over 18% of the total US population.
If you look specifically at cybersecurity jobs, women make up 24% of those jobs, blacks make up 9%, and Hispanics make up just 4%, according to the study. Aspen Institute.
Jenny Brinkley, chief security officer at AWS, says Amazon takes its responsibility to hire more diverse staff very seriously. In fact, she says the company sees security as a way to bring more diversity to the company as a whole. “We are really focused on how we can contribute [as a company]whether it be through the contribution of open source to scaling talent, creating and identifying skill gaps for these cybersecurity jobs,” she said.
Echoing what Moses said in the keynote speech, Brinkley believes that security, in particular, requires diverse thinking. “We can start talking more about neurodiversity and think about inclusion, equity and diversity in general. Is security really the point where we can start talking about how you create and find the people to do these jobs?” She added that these are jobs that can create wealth for generations of people, and she sees great opportunities for people who have historically been left out of the industry and similar high-paying jobs in general.
Henry says that when she put the book together earlier this year, she saw a way to enhance the diversity of voices and see the diversity that already exists in the field. “I really learned a lot about myself along the way, because I realized that I had to deliberately consider diversity when choosing writers, and also understand that many people wanted to talk about identity. They wanted to discuss security through an intersectional lens,” she said.
Aspen Institute some specific suggestions to increase diversity in cybersecurity, including reducing the cost of certification, which certainly could be done by larger companies; establishing partnerships with organizations that can attract more diverse candidates; and the creation of mentoring programs targeting, among other things, different people.
Credit: techcrunch.com /