All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-lack-of-diversity-in-cybersecurity/)
Cybersecurity teams are notoriously not diverse. At the same time we keep hearing and talking about the need for diversity. Is it critical? Can you be just as successful without it?
Check out this Twitter feed for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series and Allan Alford (@AllanAlfordinTX). Our guest is Christopher Zell, vp, head of information security, The Wendy's Company.
Thanks to this week's sponsor, Electronic Frontier Foundation.
On this episode of Defense in Depth, you’ll learn:
- Discussion is based on a quote by one PayPal co-founder, Max Levchin, who said, "The notion that diversity in an early team is important or good is completely wrong. You should try to make the early team as non-diverse as possible."
- There is diversity of people and there's diversity of opinions. Those two often go together, but they don't have to.
- While appalling, there is some truth to Levchin's statement. When everyone thinks the same you don't have conflict and can move quickly.
- But lack of diversity of opinion means you don't see the full picture and that can make you susceptible to unforeseen vulnerabilities.
- If you don't know what problems you're facing, you should want diversity.
- Minorities often face different and more struggles than those who never have to suffer diversity issues. They've been hardened and that should make them an even more attractive candidate.
- Start building your diverse network now. When it comes time to hire diversity and you don't have that network already in place, you're going to have a very difficult time.
- For more, check out the (ISC)^2 study "Innovation Through Inclusion: The Multicultural Cybersecurity Workforce" and Computerworld article, "The next tech skillset is ‘differently-abled neuro-diverse’".