How companies can diversify their cybersecurity teams

At RSA 2019, Elena Elkina of Women in Security and Privacy discussed how businesses can seek out female and minority candidates for cybersecurity jobs.

How companies can diversify their cybersecurity teams

At RSA 2019, TechRepublic Senior Editor Alison DeNisco Rayome spoke with Elena Elkina of Women in Security and Privacy about how businesses can seek out female and minority candidates for cybersecurity jobs. The following is an edited transcript.

Alison DeNisco Rayome: And can you tell me a little bit about your organization and what you guys do?

Elena Elkina: Sure. Women of Security Privacy is a nonprofit organization. We are dedicated to advancing women in securing privacy fields. We do it through practical training, leadership training, opportunities and jobs search.

Alison DeNisco Rayome: And we know that there's this big talent shortage right now in terms of cybersecurity. And we also know there's a big gender gap. Can you talk a little bit about why companies should be paying attention to that and kind of how they should get more women into the field?

Elena Elkina: So I think there are like two separate questions why companies should be paying attention to it and how to get more women. So I'll start with why. I think a diverse team just perform better. They're more creative. They are more excited to come to work every day. They build that up product, they provide better feedback for the products. And how can you create an amazing, great product if you only have male or female team members on your team? So diversity really creates this amazing atmosphere for creativity and innovation. And, I think information security field is not an exception. And the more women we have, the more diversity inclusion we have in information security field, the better we are as an industry.

And turn to the second part of the question, how to get more women information security field. I think it takes a village and then a couple of different angles. But companies should start with looking at the job descriptions. Look at job descriptions and job postings and see how they convey their job responsibilities to the audience. If it's very male focused, it will turn off women from applying. So I would do that. Then talk to the HR team. Train them, explain that it's not only about finding the right skills but also finding the right talent. And that includes diversity, inclusion. Explain it to the HR team that sometimes, maybe it's not as important to have all the list of skill set and certification on the table, but bring the right person to the team. And having this conversation, I think it's very important. Then look at your policies. Look at your diversity inclusion policy, your sexual harassment policies and your culture, and see if there are any changes that needs to be made. And, talk to executive teams and overall training for the company to educate your audience, what your company want to be seen as.

SEE: Hiring kit: Chief diversity officer (Tech Pro Research)

And I think these are very important things, but also partnering with organizations like Women in Security and Privacy. We do our job very well in the industry and we tried to bring women into information security and privacy and we believe that privacy and security are merging. They created a new field called their protection or something else, but it's very important to have both privacy and security women and men on the same team. So part of the organization like ours, Women In Cyberjutsu or WiCyS, there are so many other organizations who do this job very well. And help them to address your needs and your issues by bringing the right talent, attract the right applicants, changing your culture or being seen in the industry as someone who cares about diversity. I think it's very, very important.

Also see