Small Changes Can Make A Big Difference In Tech Diversity

There’s no doubt that many employers feel most comfortable hiring people like themselves. But in InfoSec, this approach can lead to stagnation.

Lysa Myers, Security Researcher, ESET

January 28, 2015

4 Min Read
Image by L. Barry Hetherington from

Whenever the lack of diversity in tech is discussed, you can always count on it sparking a debate over whether it is due to a “pipeline” problem or a “culture” problem. In other words, are there too few “minorities” interested in studying tech, or are they being repelled for some reason?

If you ask me, that’s a fruitless discussion that can never be proven one way or another, and it’s time to look at things differently.

Albert Einstein is widely (and probably mistakenly) credited for saying that the definition of insanity is doing the same thing over and over again and expecting different results. If we view the diversity problem as an opportunity to experiment and collect data, perhaps we can make some significant progress. 

To make any progress, we need to first do things differently. But what things, specifically, do we need to change? There are scads of ways we can make changes to begin this experiment, but we need to start somewhere. For the purpose of this post, let’s start with hiring.

First thing’s first: When your company opens head count for a new position, how do you write the ad? There is a general consensus that how you word an ad matters in terms of who applies. Women and other minority groups, according to a recent study reported in Science Magazine, may avoid careers that seem to require “natural aptitude” rather than hard work and knowledge.

Likewise, they may avoid applying for jobs where they don’t appear to meet all the criteria, writes Tara Sophia Mohr in Harvard Business Review, especially when the requirements appear to be over-inflated or aspirational, rather than accurately describing what the position truly requires. You may also wish to experiment and record your results for future searches, as small tweaks in things like title wording, may bring surprising changes in those who apply.

Once you have written the job listing, where do you post it? If you’re using the same old job sites with the usual skewed demographics, you’ll invariably get more of the same. There are lots of national and local groups for women, for people of color and LGBT coders, such as Women Who Code, Code2040 and Queer Coders, where you can broaden your reach.

Reinventing the interview
Now that you’ve got a pool of qualified applicants, how do you whittle it down to the best fit for the position? Once again, you can experiment with doing things a new way. Certain types of interviews may narrow your list of candidates unnecessarily. For example, daylong interview marathons or weeklong “tryouts” may exclude otherwise excellent candidates if they’re not able to get away from existing commitments such as a job, school or childcare. Not only that, but such extensive interviews may bias your results towards extraverts, as introverts may find so much uninterrupted face-time incredibly taxing.

Large group interviews – especially informal ones such as in a noisy bar – may seem like a great way of expressing your fun and casual corporate culture, but they may exclude otherwise talented applicants with hearing or sensory integration issues, teetotalers, people of certain faiths or those who are introverted and do better in smaller groups.

Once you’ve decided on the format for your interview, you may need to change what you ask your candidates. Much as with the initial job listing, the questions you ask should directly address experience or mirror the true nature of the job. Avoid riddles or brainteasers, or inquiring about trivial aspects of technology. Let’s be honest: If some obscure piece of information is needed on a project, most of us will simply Google it or check reference materials.

There’s no doubt that employers feel most comfortable around people like themselves. But in InfoSec, this tactic can lead to stagnation within an organization. Hiring people with different perspectives can lead to wonderful innovation and, even the ability to reach a broader market for your products. You don’t have to overhaul your company to achieve this either. Small changes that bring new ideas and experiences will lead to greater workplace diversity, innovation, and, ultimately, broader success.

About the Author(s)

Lysa Myers

Security Researcher, ESET

Richard Roth leads Dignity Health's innovation efforts, which seek to create and test novel services, programs, partnerships, and technologies – from within and outside of healthcare – that challenge the status quo and have the potential to reduce the cost of care, improve quality, and/or increase access to services. Working in concert with Dignity Health employees and physicians, he works to anticipate emerging trends and technologies with the goal of incubating, studying, and scaling efforts to improve care. He led Dignity Health's efforts in forming SharedClarity, a novel new startup focused on creating transparency into medical device performance in an effort to improve patient outcomes and lower the cost of care. Roth holds a Master's degree in healthcare administration from the University of Minnesota and a Bachelor's degree in public health from West Chester University.  

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights