Influencing Diversity, Inclusion And The Next Generation Of Cyber Worker
Day Two Highlights Of The 13th CISO Exchange
Data loss, security breaches and cyber-attacks are frequently in the news. This is a new level of visibility and risk for organizations. While security programs are being scrutinized more than ever, the industry should not be apologetic for past decisions. As organizations have grown and increased market competitiveness, many will have also outgrown their security defenses, tools and processes.
Enhancing Supply Chain Resilience
Instead of dwell on the past, the proactive security leader will mobilize the organization into a plan of action that aligns with the overall business objectives. One area discussed during the 13th CISO Exchange was exploring corporate risk management strategies to enhance supply chain resilience and eliminate costly disruptions.
A trap that organizations fall into while building relationships is when your risk model relies upon ‘Oh, we’ve worked with them for 15 years’ and having this behavior become acceptable. “The opposite of zero trust is trusting blindly,” said Turner Construction Company CISO David Sheidlower. The adage of “trust but verify” applies in this situation.
Winning The War On Diversity And Inclusion In The Cyber Workforce
The journey to becoming an enterprise cyber security leader is inconsistent. Unlike some career fields that progress from acquiring skills through education to gaining real-world experience, the traditional resume may not adequately identify what makes a good CISO. Finding the right candidates or influencing workers in other roles becomes more complicated when consciously looking to build a diverse workforce. Women in cyber leadership roles highlight managers, mentors and emulating traits of key people in contributing to their success. Increased effort remains to achieve the benefits of diversity and inclusion in the cyber workforce.
As veteran security leaders look to identify and nurture the next generation of practitioners, there are several ways that knowledge and experience can be applied to growing and diversifying the workforce. Some CISOs are paying it forward by teaching or volunteering while others are authoring books or working with interns about the cyber field. In addition to finding additional ways to use time for the benefit of others, every day is an opportunity to be an example that others want to emulate.
Why should leaders of business emphasize diversity? There are a variety of ideas to addressing this question. Some view the business objective as building a high-performance security team based on critical thinking skills. Others see an opportunity to being others with different views and experiences into the situation. Perhaps the rationale is to achieve a loftier goal of improving the overall customer experience and diversity helps accelerate this outcome.
See Related: The Need For Diversity In A Cyber Security Workforce
Some organizations have not found much success in encouraging women to consider a cyber security job. The conversation needs to go beyond the “No, thank you” reply. Understanding the reasons for hesitation provides the organization an opportunity to consider way that those concerns can be overcome.
In order to become an advocate for diversity and inclusion in the cyber workforce, elicit opinion from those around you about what information or insight would encourage and influence consideration of pursuing a cyber career.