Channel, Uncategorized, Networking

Diversity Matters in Cybersecurity

Share
Author: Shailaja Shankar, SVP and GM, Cisco Systems
Author: Shailaja Shankar, SVP and GM, Cisco Security Business Group

It’s as serendipitous as it seems designed that there are two important worldwide recognitions in October: Global Diversity and Cybersecurity Awareness. The intersection is a powerful reminder for the security industry that diversity fuels innovation. The more varied the experiences and thinking of its people, the better the outcomes.

We know instinctively that Diversity and Inclusion (D&I) matters. It offers advantageous returns, by boosting innovation, creating a happier employee culture, and offering financial rewards. Diverse companies are more likely to have higher profitability. Likewise, gender-diverse organizations are 45 percent more likely to improve market share and achieve 53 percent higher returns. Among ethnically and racially diverse cybersecurity professionals who also identify as “people of color,” optimism is strong and job satisfaction is high, despite the unique obstacles they face.

Most executives will say that there’s no greater asset than a diverse workforce, especially when it reflects their customers. Cybersecurity draws from a diverse set of people from different fields, industries, geographies, and ethnicities. As I look at the Security Business, it’s clear our team comes from all walks of life and corners of the globe. It’s our diversity that keeps us connected to our customers’ needs

While there has been progress, a lack of diversity industry-wide persists. And it’s not good for anyone. There are those who eagerly want to join the cybersecurity industry but have not found their way in. Those with relevant education and experience but whose talents are undervalued. And the industry at large can be a change agent. The cybersecurity industry depends on diverse talent and their unique approach to problems.

Multifarity among malicious thinkers

Cybercriminals are our biggest competition. They are organized, motivated, sophisticated, shrewd, well-funded, resourceful, and have an extensive array of skills. And while they may have a one-track mind, attackers are often part of a complex and diverse web of accomplished hackers. Lone rangers they are not. In fact, in an assessment of last year’s SolarWinds attack, at least 1000 engineers were involved in creating the attack. That’s a lot of aligned malicious minds.

Our best chance in defending against cyberterrorists depends on how well we understand their psychology and behaviors. Attackers come from all backgrounds and work in a borderless environment. So, it behooves our team to be as diverse to drive creative thinking and innovation and combat their hostile efforts. A cybersecurity team embodying individuals with varying experiences offers a fresh outlook and perspective. And our collective differences make us smarter, by fusing our cumulative knowledge when tackling security challenges.

The diversity of our team better positions us to think like the attackers. It can improve how we consider how attackers look at their opportunity, and how we contemplate their various assumptions. It can give us a clearer ability to envision approaches attackers are utilizing, while also predicting their behavior patterns. Diversity is powerful in how it helps us develop solutions to adequately defend against attacks.

Value in the (UN)like-minded

Part of a diverse team’s composition is their educational and experiential paths into cybersecurity. Not all cybersecurity professionals’ routes into the field are the same. Some take a road less travelled. In fact, 30 percent of all cybersecurity roles are filled by people with non-technical backgrounds. And there’s a cybersecurity workforce gap of 3.5 million global IT jobs unfilled, meaning the workforce needs to grow by 145 percent to help close that gap. That’s a lot of non-technical jobs.

Embracing talent beyond traditional cybersecurity-related experiences and education helps diversify the talent pool. It mixes things up and brings together unlike-minded cyber-sages who can add immense value. Loosening the antiquated criteria and requirements will allow teams to identify quality team members—who otherwise would be overlooked.

Not just one of the guys

As a woman of color, Asian descent, and a non-native English speaker, I spent much of my early career trying to be “one of the guys.”  It is not something I am proud to admit, even today. Yet, it is a prominent part of my professional journey, and not a dissimilar experience to others of diverse backgrounds.  In my mind then, being one of the guys meant that I would fit in with the team. It also meant that I thought about how to not make a big deal about my identity as an Asian or woman. Of course, everyone noticed, regardless. I, too, appreciate the irony.

The realization that I was not helping pave the way for others from diverse backgrounds came as an “ah-ha” moment. Owning it made me feel more empowered. It also enabled me to be even more impactful for the organization.

Cisco’s commitment to D&I is one of the many reasons I chose to join the company. I knew that I would have the ability to positively impact opportunities for people from all walks of life. I’d like to think that my role leading the Security Business Group is helping move the needle in a positive direction. And it’s why I was so pleased to share my path with Cisco’s Women in Technology group and show others what is possible.

While there is a much more to do to ensure we have the best minds from the most diverse backgrounds, I’m committed to supporting Cisco’s D&I initiatives and creating opportunities within the Security organization.

Making change happen

In an industry where success is determined by your latest and greatest innovation to market, we are committed to investing in our people. Cisco prioritizes career-long professional development for those already in the field, identifying pathways into the workforce for new entrants, and career advancement. And knowing that there’s a trend among various underrepresented groups—including millennials, women, and racial and ethnic minorities—who are more likely to place value on these programs, we are committed to their growth with us.

Cisco Secure’s People & Community team is implementing programs designed to address the unique challenges faced by these underrepresented groups. And we are putting our money and resources where are mouths and hearts are to encourage more inclusion and diversity. Some of our recent initiatives, include:

  • Opening doors for the next generation of talent
    • Developed the largest and most diverse S. Security Intern class to date in 2021
    • Introduced STEM programs and careers to high school juniors and seniors through our executive sponsorship of the Cisco High Externship
    • Aligned with CEOs and leading companies—all members of the OneTen coalition–to upskill, hire and promote one million Black Americans over the next 10 years
  • Giving diverse groups a voice and platform
    • Focusing on the next generation of diverse women leaders in Cisco Secure with mentorship programs like AccelerateHER
    • Driving authentic conversations among diverse groups of employees across the Cisco network, including Latinas in Tech and Lesbians Who Tech
    • Sharing insights on “Balancing Ambition with Adversity” with nearly 9,000 virtual attendees during the Women in Tech 2021 Online Festival where we were a sponsor

Rally for the cause

As we experience the dramatic surge in cybercrime, the war for cybertalent becomes more challenging. We must be creative about building our bench strength and that involves rallying for diverse talent with a passion for making a difference.

Together, we can increase awareness of the need for diversity in cybersecurity. As we celebrate both Global Diversity and Cybersecurity Awareness Month, let’s use this as a starting point to tap our networks and encourage diverse talent to join the industry—from high school and college students to recent graduates and professionals in adjacent fields.


This guest blog is courtesy of Cisco Systems and authored by Shailaja Shankar, SVP and GM of Cisco Security Business Group. Read more Cisco guest blogs here. Regularly contributed guest blogs are part of ChannelE2E’s sponsorship program.