grow a workforce and body of expertise, not shrink it.By illuminating career pathways or creating opportunities for those who have been historically overlooked, DEIB programs welcome people that may not have been exposed or traditionally have lacked access to the space. Across the US, Black practitioners make up only 8% of the total tech workforce. In a 2024 ISC2 report, an annual survey that looks at the gender, age, and skills of the cyber workforce, less than 15% of cybersecurity practitioners identify as female. Earlier studies have consistently shown that women have been systematically excluded from career growth, recognition, and access to opportunity. Removing DEIB-focused staff and curtailing DEIB focused initiatives is harmful to our cyber and national security because it limits our ability to understand the threat landscape, recruit and maintain personnel, and innovate on new ways to mitigate risk, ultimately capping US capabilities to innovate and defend.That was the lens through which we created #STMIC and how it evolved from a social media movement and community of practitioners and allies to the establishment of the #STMIC Fellowship at New America. In just two years, our diverse Fellows have published articles and papers that illuminate overlooked issues and provide recommendations to address them, such as addressing real-world harms of cyberattacks on women, combatting AI-driven misinformation, a model bill to help states address cyberattacks on small-and-medium sized businesses, and shoring up support for the cybersecurity risks of the metaverse.Effective cybersecurity demands a socio-technical approach, as it requires a complex interaction between human and science in creating, maintaining, and securing technology. Different cultures, communities, regions of the country, genders, use technology differently and adopt behaviors based on societal and cultural dynamics. Those behaviors and dynamics can illuminate why and how a person might be manipulated or when they may use a technology in an unexpected or abnormal way. That information is essential to building technical, policy, environmental, and behavioral mitigations to cyber risk. Ultimately, the codes, protocols, and developers protecting and defending our information and critical infrastructure, work within the context of regulations, economics, and culture, and the safest and most secure systems take both into account. Having a diverse team is the best way to anticipate, identify and mitigate risk.Current efforts to sow division on the importance of DEIB will only lead to less security for all. We invite everyone to act now, to support each other, and organizations like #ShareTheMicInCyber, for a diverse and therefore more secure cyber environment.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/3953961/why-dei-is-key-for-a-cyber-safe-future.html
