Siemens' cyber chief says firms shouldn't shy away from talking about race or politics as they work to improve diversityFebruary 12, 2021
- Women and people of color are starkly underrepresented in the cybersecurity industry.
- Changing that will require cyber firms to step up, Siemens CCO Kurt John told Insider.
- John said improving diversity will hinge on rethinking recruitment practices and workplace culture.
- Visit the Business section of Insider for more stories.
Cybersecurity has a diversity problem.
Like the broader tech industry, the security field is overwhelmingly white and male. People of color represented only 26% of the cybersecurity workforce as of 2017, according to a report by the cyber consortium ISC2, and in 2019 only 20% of cybersecurity employees were women, according to Cybersecurity Ventures.
Diversity won’t improve without a direct investment from cyber firms, according to Siemens chief cybersecurity officer Kurt John, but more a diverse workforce will direct benefit both the industry overall and cybersecurity companies’ individual outcomes.
John’s always been “hyper-aware” as a Black cybersecurity professional that the field lacked diversity.
“I didn’t see a whole lot of people that look like me,” he told Insider.
During his career as a penetration tester — an engineer who probes companies’ cyber defenses for weaknesses — and later as an executive, John also saw how a lack of diversity hampered cybersecurity teams’ abilities to think outside the box or approach problems from all angles.
In a field that often requires fast-paced, creative problem solving and investigative skills, he believes having cognitive diversity is crucial to high performance.
“Your physical attributes are a collection of variables that influence the way you think, because that impacts how you experience life,” he said. “If you throw all those people together in a non-homogeneous team, what happens is magic.”
Improving diversity will hinge on forming talent pipelines to train and hire early-career professionals from underrepresented backgrounds, John said, as well as making sure internal culture supports diverse employees, including through open dialogue about inequities.
As the leader of Siemens’ worldwide cybersecurity operations — overseeing roughly 1,300 security professionals — he has spearheaded efforts to mobilize the company’s employee resource groups to help recruit talent from institutions like historically black colleges and universities.
He also touted diversity-focused contributions from Siemens Foundation, the company’s nonprofit arm, which have subsidized engineering training and internships for people from backgrounds underrepresented in tech, including women, people of color, and those with disabilities.
The effort converges with a broader talent gap facing the cybersecurity industry: There are roughly 350,000 open jobs in the field with firms struggling to find candidates to hire. John sees this gap as an opportunity to roll out robust diversity initiatives as part of the effort to fill open roles.
Efforts to improve diversity are often held back by extremely strict hiring requirements at top firms, especially for technical roles. Google faced backlash in recent months when a Black recruiter said she was fired after raising concerns about how Google more harshly judged candidates that weren’t from a handful of elite universities. (Separately, Google recently reached a settlement with the Department of Labor over allegations of pay and hiring discrimination).
John said recruiters and hiring managers should abandon strict numerical requirements for job candidates like GPA or a perfect score on a technical exam, which may unintentionally filter out candidates from underrepresented backgrounds, in favor of a more holistic evaluation.
“For technical [skills], I can send you to a class for that. But what’s harder to do is to find someone who integrates well into a culture, who can benefit from that culture, and, who can help truly make the workforce more diverse,” he said.
Pipelines alone aren’t enough
Aggressively recruiting more women and people of color can’t be the only step firms take to secure diversity and inclusion, John said: They also have to commit resources to retain and support a diverse workforce.
Some tech companies have attempted to lock down internal discussions surrounding hot-button issues like racism or politics. Facebook warned employees last year to tone down political discussions on internal forums, and Google issued a similar warning to workers the year prior. More recently, Coinbase CEO Brian Armstrong drew backlash from some employees (and praise from others) when he published a memo last year asking his staff not to “engage” in talks about “broader societal issues” at work.
John advocates for the opposite approach: He says he’s grateful to have participated in a series of talks at Siemens internally dubbed “courageous conversations” meant to serve as a forum for hard discussions around issues of diversity and inclusion.
“Those uncomfortable conversations, I think more companies should be having them because [otherwise] it’s not going anywhere,” he said. “While a little bit scary, they’re absolutely necessary.”
Source: Read Full Article