Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

Making Infosec Meetings More Inclusive

Diversity and inclusion experts explain how to avoid meeting pitfalls that preclude the voices of underrepresented members of the team.

Meetings at the office can be a battlefield for women and minorities in the cybersecurity field. 

"Many women lack confidence, but you want your ideas to be heard by the team you are with," says Telle Whitney, CEO and co-founder of the Anita Borg Institute. Programmers or team members want to be seen as their professional role, not as a woman programmer or a black programmer, she says.

"Every woman that we work with - that is their goal," she says.

There are strategies for making meetings more inclusive so that all members of the team get to contribute:

Encourage all voices and ideas.

Research has shown that women are interrupted more than men in meetings and their ideas valued less by team members, but there are ways to reduce that behavior, say inclusion experts.

Managers and team leaders should set ground rules before a meeting, says Mary Chaney, vice president at International Consortium of Minority Cybersecurity Professionals (ICMCP).

"As the leader, I set the tone for the meeting," says Chaney, who previously ran the security operation for Johnson & Johnson. "My rules were no interrupting other people or talking over others. As a leader, you want to make sure all voices are heard. You want a complete view."

In some situations, team members may want to lead the conversation. A leader can step in and interrupt a dominant speaker and say something along the lines of "I understand how you feel, but I want to see what other people think as well," Chaney advises.

Co-workers can play a role in providing space or an entry point to participate in discussions, says Aubrey Blanche, global head of diversity and inclusion for software company Atlassian, which released a 2017 State of Diversity Report in March. When she was in college and served on a board of directors at a nonprofit, she faced a male-dominated board and was uncomfortable with their communication style. "It was nothing malicious on their part, but I did not feel comfortable," Blanche recalls.

She approached a fellow board member with whom she had a good working relationship and asked if he could help her participate in meeting discussions. During the meetings, he would turn to Blanche and ask for her thoughts or opinion, she recalls. After being called on several times to solicit her opinions, Blanche says she eventually felt comfortable providing them unprompted in the meeting.

When women and minorities get interrupted while speaking, they should try some basic communications strategies, say inclusion experts. "Interrupters often don't realize they are interrupting," Blanche says. "You can say their name to get their attention and then let them know you would like to 'finish up' your thought."

When in a meeting with peers or those in higher roles, Chaney will put her finger up in the air and say, "please let me finish my thought" when interrupted, she says. "I figure they took the same leadership training as I did and should know better, so I will call them on it."

Quash idea-stealing.

Another common issue women and minorities face in meetings is having their ideas pilfered, say inclusion experts. When women present ideas in a meeting, they are generally more collaborative and humble, speak in general terms and a tentative manner, and phrase their ideas as questions, says Caroline Turner, principal with DifferenceWorks. As a result, the idea tends to lay their quietly until a male colleague picks it up, claims it as their own idea and receives kudos from co-workers, Turner says.  

Men tend to communicate in a "hey, look at this" fashion, which is more apt to gain attention in a meeting, Turner explains.

Turner herself faced this issue when working for a company as a high-level executive. She mentioned this concern to her CEO on a Friday, who dismissed the notion, but the following Monday, he witnessed it firsthand during a meeting. Turner presented an idea and it failed to generate an immediate response. Then, moments later, a co-worker picked up Turner's idea and presented it as his own, she recalls. Turner shot a knowing look to the CEO, who appeared surprised and said to the co-worker, "I see you agree with Caroline's idea," she recalls.

Although the conversation in the meeting continued as though nothing was amiss, Turner says, "I felt empowered. I was validated. I was no longer invisible. The power of that endorsement made me feel on par with everyone in the meeting."

Women in President Obama's administration used an "amplification" strategy" in which they would support each other by recognizing and commenting on any great ideas that fellow female co-workers presented in the meetings, Blanche explains.

The amplification comments would go along the lines of "great point and I would like to add on thatm" Blanche says as an example.

Women and minorities should hold open discussions with managers and executives when their ideas are hijacked, Turner says, citing her own former CEO as an example.

"Once I pointed it out to him and he saw it happen, he will never forget it," Turner says, noting the CEO went on to validate other women's ideas when similar situations arose.

Inclusion experts also note women and minorities can advocate for themselves in a light-hearted way while in meetings by saying such things as, "I'm glad you liked my idea and wanted to build on it."

Eradicate dismissive behavior and attitudes.

In Silicon Valley, there is a belief that the best people have a particular style of coding, and some men are dismissive to female colleagues if they don't employ the same coding style, says Whitney.

And in other cases, companies have fostered a confrontational culture, she says. "Intel used to have a culture of constructive confrontation, with the idea that by taking serious criticism a company could only get better," Whitney says. "But Intel has since changed this culture to one where it wants it to be collaborative."

Managers can tackle this head-on. "As a manager, when you see dismissive behavior you can take [the culprit] into a private conversation and tell them the behavior does not contribute to the job being done," Whitney advises.

She adds that managers can also provide women and minorities who are dismissed by their male counterparts to have an opportunity to demonstrate their work and discuss it when the project they were working on is reviewed.

Seeking allies is one way to fend off a particularly rude co-worker, inclusion experts say. Any co-worker can approach an offending team member and recount the contributions made by a female or minority infosec member, Whitney says.

However, she notes, some co-workers who are insecure about contributions they have made to the team may not be willing to stand up in another co-workers defense.

So women and minorities should seek out allies to fend off obnoxiously rude co-workers, Whitney advises. "One of the most successful strategies in this situation and others is to find allies," she says. "This is one of the reasons it is so important to have more women in the workforce."

Related Content:

 

Dawn Kawamoto is an Associate Editor for Dark Reading, where she covers cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-20092
PUBLISHED: 2021-05-13
File Upload vulnerability exists in ArticleCMS 1.0 via the image upload feature at /admin by changing the Content-Type to image/jpeg and placing PHP code after the JPEG data, which could let a remote malicious user execute arbitrary PHP code.
CVE-2020-21342
PUBLISHED: 2021-05-13
Insecure permissions issue in zzcms 201910 via the reset any user password in /one/getpassword.php.
CVE-2020-25713
PUBLISHED: 2021-05-13
A malformed input file can lead to a segfault due to an out of bounds array access in raptor_xml_writer_start_element_common.
CVE-2020-27823
PUBLISHED: 2021-05-13
A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-27830
PUBLISHED: 2021-05-13
A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash.