At one of the keynote addresses at RSA, the opening speaker asked that everyone who identifies as a woman in the audience stand up. It was amazing to see how many women there were at the conference, but we have a long way to go.
Veracode has an incredibly diverse employee base, which makes working here a great experience. We don’t have men and women, we have “Veracoders,” and we take that pretty seriously. We are a women-led organization, with Sam King as our CEO. I am on the product strategy team, and more than half of our department is women. We have an incredible mix of races, religions, backgrounds, ages, and political viewpoints – and everyone respects each other no matter who they are or where they came from. Veracode also has a diversity and inclusion team that seeks to ensure we stay honest about our direction as a company and continues to push through barriers as often as possible.
I attended a great diversity and inclusion panel at RSA this year, where a resonating theme was “Diversity is a fact, but inclusion is a choice.” This panel had CISO/CSO representation from Xerox, ADP, United Airlines, and JP Morgan Chase – all companies that strive to take diversity and inclusion seriously.
Diversity and inclusion starts well before the employee is working in a company. It’s important to build the talent pipeline from an early age with programs that ensure diverse individuals have opportunities to grow and learn in STEM fields. Diversity and inclusion has to be something that you don’t accidently fall into, it has to be a deliberate and thoughtful initiative in the company. A really awesome takeaway is that we could work to change the narrative around the security industry. We always idealize doctors, lawyers, and athletes for kids on TV shows and in movies, but telling a child that you are a CISO is boring. So one of the panelists says she tells kids she’s a “Professional Hacker,” and their eyes grow wide! I think that’s a really interesting approach, and we could work as an industry to make this field sound as cool and important as it really is!
One of the hardest questions the panel tried to answer was around the impact that diversity and inclusion has on the success of a business. They said there isn’t a really great way to measure this in terms of a trackable number. One of the recommendations was to have regular surveys on how people feel in their job – how comfortable they are in their role, how included they feel, and if they feel supported and have a path up and forward.
In summary, the main takeaways were:
- Ensure that as an industry we are building the talent pipeline from a very early age, so that people from diverse backgrounds pursue careers in security.
- Companies must have more than just policies on diversity, they need a purposeful mission driven by a team in the company.
Ensure there is a plan for each and every employee to grow and feel like a partner with the business.
Stay tuned for more from RSA ...