From the Spring 2021 Issue

Diversity and Inclusion in Cybersecurity and Technology

Bob Fabien Zinga
Head of Information Security | Directly, Inc. & U.S. Navy Reserve

The technology workforce should be as diverse as our nation. Diversity is the strength of the United States of America. The national motto, “E Pluribus Unum,” is translated “out of many, one.” In America, people are one nation out of many nationalities. When diversity is represented in hiring practices, organizations become stronger and more resilient. Diversity of thoughts, backgrounds, talents, and perspectives will help any organization achieve peak performance. Inclusion is a sense of belonging, making everyone, including minorities and women, feel valued and respected. Equal employment is the law in the United States of America. Diversity and Inclusion (D&I) go beyond the law and embody the “spirit” of the law. Everyone in America should have the right to take advantage of all opportunities for which they qualify for in any area, especially in the technology field. Unlike other industries that have been around for an exceptionally long time, technology is relatively young. There should not, at all, be any prejudice, racism, or misogyny in this field. 

In Silicon Valley, many leading technology companies committed to increasing diversity among the workforce in 2014. However, there has not been much progress in the hiring and retention of minority workers in Silicon Valley. Diversity and inclusion should be the responsibility of every tech leader, and frankly, every single employer. Every tech leader should check for unconscious bias when hiring new employees.

Organizations should consider the recommendations below to increase diversity at every level. These recommendations have been tried and proven in one of the world’s most diverse organizations: The United States Military, and most specifically, the United States Navy.

Check Unconscious Bias

One specific step hiring technology leaders should take to diversify their talent pipeline is to be aware of and work against any of their unconscious biases. People tend to hire other people who look, think, and sound like them. There is a tendency to be attracted to people with similar backgrounds. Technology leaders should consciously and actively avoid the path of least resistance. For example, these leaders should ensure that the job description being advertised is gender neutral. Yes, women can code too. For example, by targeting only men coders, leaders are automatically disqualifying over half of the U.S. population. One practice to espouse when hiring technical staff is to manually remove all applicants’ names and personal data from the job applications. After doing this, the anonymous candidate’s review for qualifications, including experience, education, and related IT certifications, becomes objective. In improving the high-tech workforce’s diversity as a main concern, combating unconscious bias must be a priority.

Designate A Diversity and Inclusion Senior Leader Outside of Human Resources

In the U.S. Navy Reserve, the primary initiative to promote diversity and inclusion is the Command Managed Equal Opportunity (CMEO) Program. The program promotes positive morale, quality of life, and an environment of equal opportunity to aid in the prevention of harassment or unlawful discrimination. The Navy CMEO program has three main components, with the first component being the designation in writing of a CMEO Program Manager (PM) who is accountable for the program. The CMEO PM must complete advanced diversity and inclusion training within six months of being designated.

“This person should not be the head of Human Resources (HR) nor should be added as a collateral function to an existing HR employee.”

Similarly, tech organizations should consider designating, in writing, a single D&I leader who should be able to influence the organization’s strategic direction. This person should not be the head of Human Resources (HR) nor should be added as a collateral function to an existing HR employee. It is essential to appoint a single person in charge. This position would require full-time attention and a commitment of organization resources. Like cybersecurity, if diversity and inclusion are a priority to the organization, there needs to be a resolute member of the leadership team to head that function. 

Review and Update All Diversity and Inclusion Policies At Least Annually

In the U.S. Navy, the CMEO PM helps the unit leadership develop, review, and update all diversity and inclusion policies at least once a year. The CMEO PM helps swiftly respond to reports and enforce the command of diversity and inclusion policies.

“By continually focusing on the organization’s diversity and inclusion governance and metrics, the D&I leader will help the organization monitor its progress and adjust related activities to achieve its goals.”

Similarly, the D&I leader should review, develop, update, and maintain policies, procedures, directives, training, and guidance related to the D&I Program at least once a year or whenever there is a significant change in the organization. Robin S. Sharma once said: “What you focus on grows, what you think about expands, and what you dwell upon determines your destiny.” By continually focusing on the organization’s diversity and inclusion governance and metrics, the D&I leader will help the organization monitor its progress and adjust related activities to achieve its goals. Otherwise, a program that is out of mind will soon be out of sight. The greatest management principle in the world, which is taught in business school, crystalizes the concept that, “The things that get rewarded get done.”

Upon updating diversity and inclusion governance documents, all employees should read and acknowledge the policies at minimum, annually. Upon investigation and collaboration with senior leadership, HR, and the Legal departments, violation of diversity and inclusion policies should result in punitive actions up to and including discharge or loss of employment. There should be a zero-tolerance for prejudice, racism, and misogyny in any organization that is committed to diversity and inclusion. The D&I leader should be empowered to respond to any violation reports and enforce all policies swiftly and without equivocation.

Conduct an Annual Organization Climate Assessment

In the U.S. Navy, the CMEO conducts an annual command climate assessment to hear directly from the members as to how they feel about the unit. The annual assessment is the opportunity for every member to anonymously speak freely about the organization’s effectiveness, equal opportunity, fair treatment, and the sexual assault prevention climate.

The D&I leader should conduct an annual assessment of the diversity and inclusion climate. Senior leadership needs to foster a culture of inclusion and non-retribution. All users, regardless of pay grade, need the opportunity to speak freely and anonymously without fear of retaliation to help improve the D&I program. Once a report has been filed, the D&I team needs to consider each submission and, if necessary, escalate to senior management for an appropriate response. If participants feel as though no one is listening to them or acting on their feedback, they will stop providing feedback. Tim McClure once said: “The biggest concern for any organization should be when their most passionate people become quiet.” Senior management must get to know and value each employee and promote an inclusive environment. If diversity and inclusion are essential to an organization, their effects will be measured across the organization with frequency.

More than ever before, it is critical to increase diversity and inclusion within technology. This has proven to be a complex and daunting effort. Every tech leader should take responsibility to check one’s unconscious bias and do whatever one can to increase diversity within one’s team. Everyone should use the sphere of one’s influence to advance diversity and inclusion at every level within the organization. Also, for diversity and inclusion to become a competitive advantage for a tech organization, the use of the U.S. military as a model suggests designating a D&I senior leader, managing governance, and conducting annual climate assessments. lock

Bob Fabien Zinga

Leave a Comment