A customer walks into a clothing store to purchase a pair of pants. The salesperson directs them toward ten racks, all filled with khaki pants. Some are slightly different colors. Others are hemmed differently. But overall, the pants are essentially identical: monotonous, repetitive and drab. The problem is, the customer wants jeans, yoga pants and navy slacks. They feel isolated, confused and like they don’t belong. They leave the store without buying anything.
While this may seem like a silly example, those feelings of isolation are all too real for millions of members of the workforce. For many years, Diversity, Equity and Inclusion (DEI) programs have attempted to attract underrepresented groups for available opportunities and ensure candidates are evaluated fairly. Yet sadly, 30% of tech companies say DEI programs are not vital to the overall success of their company, reports Built In.1 And over half of employees feel their company either needs to improve on these initiatives or is making a very poor effort in it.
Organizations are under increased pressure to improve DEI initiatives — whether they want to or not.
Challenges to Implementing and Managing DEI Initiatives
Knowing Where to Start
One of the biggest challenges faced by organizations implementing diversity initiatives is knowing where to start. This often stems from leadership that either doesn’t believe there is a problem or is not committed to fixing it. If top management doesn’t “buy in” to the initiative, it sends a message to the company that it isn’t a priority.
Resistance to Change
In addition, resistance to change may come from employees or leaders that aren’t comfortable with the topic. Some might even feel threatened by these efforts, which could lead to employee uncertainty and confusion.
To create an inclusive culture, organizations need to raise awareness and implement mechanisms to reduce bias. Bias can hinder success in recruitment, promotion and decision-making processes and could lead to unequal opportunities. Regardless of if it is conscious or not, bias must be reduced.
Integrating diversity in the hiring and promotion processes is essential. But if the organization can’t offer an inclusive environment, it won’t survive long.
Employees need to feel included, engaged and like they have equal opportunities to grow. And that requires ongoing support, mentoring and career development. As part of this, organizations have to assess deep-rooted cultural norms and existing power dynamics that could hinder inclusivity. This usually includes removing opportunities for verbal or behavioral slights that result in hostile, derogatory or negative perceptions of a marginalized group. Whether intentional or unintentional, these microaggressions can cause macro-damage.
Measuring and Tracking
Once a program is implemented, the next challenge is measuring and tracking progress by quantifying the impact of the initiatives on the business. DEI programs are not a one-time endeavor and must be embedded in the organization’s core values and processes.
How Diversity and Inclusion Initiatives Can Reduce Cyber Risk
New Perspectives Foster New Solutions
Diversity, Equity and Inclusion programs are essential to any strong organization. But in the cybersecurity industry, they can directly improve the organization’s ability to reduce cyber risk and maintain security.
Diversity reduces groupthink by incorporating new perspectives to solve complex problems. And with these unique perspectives come innovative and unconventional solutions. Threat actors are getting quicker, smarter and craftier. Facing these challenges differently makes cyber risk programs more adaptive and innovative — ultimately improving the organization’s security posture.
Reduce Staff Shortages
There are an estimated 700,000 unfilled cybersecurity positions across the U.S., according to a report from Janco Associates.2 As organizations struggle to fill positions, many have made concerted efforts to hire underrepresented groups. Accessing this untapped talent pool brings highly valuable skills to understaffed cybersecurity and cyber risk teams.
Turn Neurodivergency into an Asset
When people hear the word “diversity,” they often think of demographic factors, such as gender, race, culture or age. But a truly diverse organization also embraces those with physical and mental differences.
The adoption of remote work opened up new opportunities for those unable to work in an office environment. And with this, they are breaking the stereotypes and bringing their unique skills to organizations.
Look for the Skill, Not the Deficit
Historically, a neurodivergent individual might be labeled with stereotypes, such as “hyperactive,” “super-focused” or “often distracted.” Instead of concentrating on the deficit, try looking for the ability! Someone with Obsessive Compulsive Disorder (OCD) has extreme attention to detail and pattern recognition. Your teammate with ADHD is a brilliant problem solver and researcher. It’s important to recognize the skill, not the divergence.
What Steps Can You Take to Foster Diversity and Inclusivity?
Step #1: Identify Your DEI Champion
Identify your organization’s DEI champion and empower them to enact change. With this, foster inclusive leadership by demonstrating commitment, advocating for inclusive processes and leading by example. Leadership at all levels should undergo specific training on effectively addressing DEI issues in the future.
Tolerating inappropriate jokes or “water-cooler talk” sends a message to others that DEI isn’t important. Employees watch how leadership handles these situations for guidance on what’s allowed in the culture. Ensure leadership receives training and takes action quickly when a situation like this arises.
Step #2: Determine Your Obstacles to Success
Consider your working environment and identify obstacles to success. In some cases, this may mean enhancing remote work opportunities. Women, people of color, differently-abled and neurodiverse individuals are seeing possibilities they didn’t know existed before through remote work environments.
Additionally, updating terminology to be more inclusive and modifying policies to support all employee abilities fosters a psychologically safe environment where everyone can thrive.
“One of the most inclusive company practice ideas I’ve observed is the Biodex, created by Ultranauts, an organization that recruits and retains neurodivergent talent to accelerate their software bug detection capabilities. The Biodex is basically an employee “user manual”, and all employees and managers are responsible for reviewing the Biodex for every member of their team. Understanding how someone prefers constructive feedback, their preferences on communication style or modality, and even what they like doing for fun can go a long way in creating an inclusive employee experience for individuals who think differently”, says Liz Green, Occupational Therapist and owner of Link Consulting, LLC.
Step #3: Stop, Collaborate and Listen!
In the words of Vanilla Ice, this is where you stop, collaborate and listen! Conducting employee surveys and reviewing prior exit interviews, performance reviews and compensation documentation aids in identifying patterns or highlighting problems.
Beyond that, organizations must also evaluate their internal policies to identify bias, barriers to success or exclusive behavior. Once you’ve identified them, consider engaging others within the organization to develop and execute the change. These changes should also come with ongoing awareness training.
As organizations grow, building inclusivity by design ensures a more satisfied and motivated workforce.
Step #4: Develop Employee Resource Groups
Develop Employee Resource Groups (ERGs) to provide a platform for networking, mentoring and supporting those with shared identities or experiences. ERGs help build relationships and create opportunities for underrepresented groups. This allows them to collaborate with community resource groups, partnerships or pipeline programs.
ERGs can also aid in targeted recruiting outreach through Historically Black Colleges and Universities (HBCUs) and organizations like Women In CyberSecurity (WiCyS) or The Diana Initiative.3, 4
Step #5: Embed DEI into Core Values and Processes
Ensure the DEI program is scalable and not a one-time initiative. Embedding DEI into core values and processes ensures inclusive practices throughout the employee lifecycle. Feedback, measuring success and reporting on progress offers a continuous assessment of the effectiveness of the initiatives so adjustments can be as needed.
The Value of Diversity by Design
Diversity, Equity, and Inclusion programs are essential to the success of any modern business. However, social responsibility and promoting diverse cultures and values are only the first step. Building DEI into the design of your organization fosters an environment where everyone can thrive.
And with it, your organization gains the unique perspectives and innovative ideas necessary to secure itself into the future.
Explore Remote Careers at RiskOptics
Looking for a remote career in the field of cyber risk management? Join our global team!
Explore current openings on our careers page.