Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
We chat with Semperis’ Director of Crisis Management about the importance of diversity and the necessity to manage urgency in a fast-paced industry.
Cyber Daily: It feels like it's a really good time to be having a discussion about diversity in the cyber security workforce. We know that diversity, equity and inclusion is now somewhat of a dirty word in some US corridors of power, so I'd love to hear your opinion on why diversity really does matter, particularly for cyber.
Courtney Guss: I do think it's still a really important conversation, you're right.
It's become quite a divisive issue, which is so strange to me, because I think the different perspectives, the different life experiences, and outlooks on things, I think drive so much innovation and conversation and collaboration in our industry. And when you don't have a diverse workforce and you just have that kind of… singular point of view, you really lack that collaboration and innovation.
I see that in my day to day work, where I wouldn't say we disagree, but I would say that my colleagues and I come from a different point of view, oftentimes, and I think it's important to talk through those points of view and either come up with a completely different solution, or to come to some kind of an agreement, or agree on one of our points of view.
But without that, I just think it's quite boring and we're not moving the ball forward.
Cyber Daily: And missing that diversity of thought, of different life experiences, that having a culturally and gender diverse workforce brings to the table.
Courtney Guss: I think that's actually almost more important, or as important as gender diversity.
I think it's easy for us to talk about gender diversity because it's obvious, right? You can see it quickly, and you can see that disparity quite quickly. But I think different work experiences, different life experiences, different thoughts or beliefs also drive that kind of diverse thought.
So I think a lot of that is where you start to see real innovation and change, and it's so important. But I also think that requires a culture shift within an organisation to say, “I'm willing to bring on someone who thinks different, looks different, has a different background than me,” and that in itself, can be a pretty significant shift as well, and can be challenging to overcome.
Cyber Daily: How do you talk to boards and senior managers through that process? How do you sell diversity?
Courtney Guss: Oh, I think that's hard.
I think sometimes you just have to prove that it works. I know that. I guess I'm kind of from that world, so I don't have a traditional computer science background. I don't have a degree in computer science; cyber security didn't exist as a field when I was in college. I actually have a degree in merchandising and product development – a completely different field, right?
But when you think about it, there's so much overlap in what we do in the world of business, whether it's in merchandising or whether it's in IT security. I think business is business, and so showing the board or showing leadership that someone like myself can bring value to the organisation, that I can learn new things, and I can bring a new perspective, is something that you almost have to prove out, and then you can kind of build on it and say, “Look, we've proven that this works, bringing people from other backgrounds, let's give it a try again”.
But, unfortunately, that means you have to have an organisation that's willing to give that a try. So I was fortunate. I was in the insurance sector for a long time, and I met a CISO at an off-site, non-work-related event, yeah. And we were just talking about risk in general, not about cyber security risk or business risk, and we were just talking a very high-level conversation.
And he said, “If you can teach the team risk, I can teach”. I kind of drank through a fire hose for several years learning it. But I think we have a lot of transferable skills if you just give people a chance.
Cyber Daily: What's the role of mentorship in this process, particularly around getting women into the cyber workforce who, like yourself, may not come from an ICT background.
Courtney Guss: I think mentorship is really important, and it's challenging because to make time for someone is… It's obviously difficult.
Obviously, we're all very busy with work and life and things, but I didn't have any women role models as I was coming up through the field; I didn't have anybody to look to to say “That's what I want to be,” that kind of thing. And I was very fortunate that the men that were my role models in the field never really looked at gender as a barrier. It just helped flourish my career.
But I want to make that path even incrementally easier for the next group. So I do spend quite a lot of time mentoring young people, and young women specifically. And I think we as an industry, both men and women, need to do a better job of that, making time for those individuals and understanding that we might have to teach them a new skill set, or they're going to need to learn a new skill set. And some of that's actual technical work, and some of that's just how to survive in the business world, to not to be afraid to try things.
You know, there's this whole impostor syndrome thing out there, but in reality, we're all faking it, right? Nobody knows what they're doing.
Cyber Daily: I can certainly understand where you’re coming from on that!
So this all helps get people into the workforce, but how do we keep women in the workforce? Because obviously, we know that cyber security can be a stressful job. It's a job that's often based around crises and crisis management. How do we keep women in that role without them burning out?
Courtney Guss: I think flexibility is important. I think that goes for men or women who have families – the flexibility piece is really important.
I think having a realistic sense of urgency is important as well. Not everything can be a fire drill all the time – if everything's a fire drill, then nothing's a fire drill. And you know, for those of us who hate procrastination, it's kind of my rule of thumb. But you do burn people out very, very quickly if everything's on fire all the time. And I think having realistic priorities and a realistic sense of urgency is very important. Flexibility is really important.
I think support for career progression, education, learning, certifications, exploration, which I wouldn't say, do a great job of, in this industry, making time for all that is also important, because if you have to do that work, that education work, the training, work on your nights and weekends, it just feels like you're never getting a break from work.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
