How Intel Unlocks the Powerful Potential of Diversity in Cybersecurity

Sparking cultural shifts within an organization -- and throughout an entire industry -- can feel like a monumental task, but the juice is well worth the squeeze.

Jim Gordon, GM, Ecosystem Strategy & Business Development, Intel Platform Security Division

September 17, 2019

5 Min Read

For an industry that has shown aggressive growth over the last decade — and is projected to increase spending by 9.4% from 2018 to 2019 — the cybersecurity market continues to see more breaches and more money and data stolen. I believe that diversity and inclusion should be a foundational element for driving the advancement of cybersecurity, one that can rapidly improve those outcomes. But unfortunately, that isn't a reality today. According to a recent study, women represent just 24% of the cybersecurity workforce today, and they're getting paid nearly 12% less than men. This industry can do better. But how?

While many organizations are working to solve diversity issues such as gender and ethnic disparity, the overall industry is still a serial laggard. This is puzzling considering the fact that we have negative unemployment with the average security salary currently at US$91,500. Despite these well-paying, abundant job opportunities, clicks on job listings in 2018 decreased by 1.3%. There are many factors contributing to these numbers, but one major influence is that the security market is much like general tech was 25 years ago. Innovation is fast and furious, and start-up culture is rampant. This can result in a lack of diversity, which can alienate the many minority demographics that make up a significant portion of the total available workforce.

An industry culture defined by diversity and inclusion can bring about the type of new ideas and approaches that spur innovation and solve age-old problems. What exactly do I mean by diversity and inclusion? It's about having a workplace that's open to all, that represents varying perspectives from many different backgrounds — one that's closed to none. It's about making sure each member of your workforce is empowered daily to contribute in a way that realizes their maximum innate potential, which ultimately contributes to the success of the organization at large.

Sparking cultural shifts within an organization — and throughout an entire industry — can feel like a monumental task, but the juice is well worth the squeeze. Working at Intel, I've had the opportunity to be on the front lines of the diversity and inclusion work, and I'm heartened by the progress we're beginning to make, starting with three key elements:

Leadership: A top-down organizations starts with the CEO or other top leadership executives making a public commitment and sharing the specific terms of that commitment. This absolutely has to include a set of defined (quantitative) outcomes and a clear-cut time frame by which to measure progress and results. From there, these same leadership representatives must show up, quarter after quarter and year after year, to publicly renew those commitments and provide insight into the advancements that have been made along the way. A group of our most senior leaders meet with our chief diversity and inclusion officer every month.

Investment: Many corporate projects or initiatives use incremental funding. However, to truly affect meaningful change, diversity and inclusion programs require investment on a completely different scale. For example, recruiting diverse candidates straight out of school means you have to dramatically expand the roster of universities with which you engage. If you want to close the pay gap and introduce more inclusive benefits, you must allocate the appropriate funding.

Permanent change: Diversity and inclusion is not an HR function or policy, led and administered by a single division within a company. These programs need to be adopted broadly throughout the organization, and supported indefinitely by employees in every department, at every level. Progress must be measured regularly, reported on publicly and adjusted frequently. A permanent commitment to diversity and inclusion changes everything — from how you run meetings and write job descriptions to how you manage compensation and promotions, and much more.

Implementing a new diversity program or revamping an existing initiative will involve a defined strategy. Consider these four steps:

1. Start with a baseline. Establish a quantitative diversity benchmark for where you stand as an organization. What is your current demographic breakdown? How do employees feel about diversity and inclusion issues? Why do employees leave the company? Ask the right questions up front, and you'll set a baseline that allows you to better understand how to set goals and quantify success over the long term.

2. Don't reinvent the wheel. There's a ton of great resources available in the market to help you build a successful diversity program. Find out what's worked for other organizations, modify those initiatives to fit your organization's needs, and commit to iterating regularly along the way.

3. Try new things. Many organizations fail over and over again with basic HR-driven diversity programs, expecting different results each time. Don't be afraid to aim high, make adjustments along the way, and be creative. As you begin to see progress, you'll need to fine-tune your goals, priorities, and measurement along with it.

4. Make it collective. While HR departments certainly play an important role in the change process, to generate a historic cultural shift you need commitment that starts at the top and companywide involvement that permeates every department and level. While there are a lot of different program elements organizations can bring to bear to influence diversity and inclusion, one every organization should consider is an "ally" program. At Intel our ally program is designed to encourage all employees to be allies in the workplace by demonstrating five key behaviors: be visible, listen and learn, reflect, challenge and advocate.

The good news is that today, more organizations in the cybersecurity market across the world are making diversity and inclusion a top business priority. That said, women and other minority groups are still vastly underrepresented and we have a long way to go. An industrywide shift in culture won't happen overnight, but by following key principles and best practices, you can begin accelerating your organization's path toward diversity and inclusion.

Related Content:

Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "How a PIA Can CYA."

About the Author(s)

Jim Gordon

GM, Ecosystem Strategy & Business Development, Intel Platform Security Division

Jim Gordon is an Intel veteran of 20+ years and has held a variety of roles over this time. Most notably he served 3.5 years as chief of staff and technical assistant to Intel's then president Renée James.  He currently is GM of Ecosystem & Business Development, Intel's Platform Security Group.  He holds a BS in economics from the University of California at Davis as well as an MBA from Purdue University.  Jim is also a self-motivated and active contributor to diversity and inclusion (D&I) efforts at Intel specifically and in general across tech – even though he does not work and has never worked in HR.  For Intel in D&I, he has served as a top leader in its internal "Inclusive Leaders" program – a program dedicated to engaging, training, activating and supporting those influential "male majority" business leaders to take responsibility for and take proactive actions towards full inclusion.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights