Research shows that fostering greater diversity and inclusion benefits organizations, both from a security standpoint and in terms of corporate growth and profitability. More diverse organizations outperform their peers financially and report higher levels of revenue from innovation. Greater diversity and inclusion also help improve employee retention. One poll of tech professionals found that workplace culture was the main driver of turnover, significantly affecting the retention of underrepresented groups and costing the tech industry more than $16 billion each year.
Despite the ample evidence that increasing diversity and inclusion is beneficial for both organizations and their employees, the cybersecurity industry remains stubbornly homogenous, with 85% of security professionals identifying as white and more than two-thirds as male.
The Importance of Diversity and Inclusion in Security Operations
When it comes to diversity and inclusion in security operations (SecOps) and the security operations center (SOC), experts agree that a more diverse team – hailing from different backgrounds and bringing a wide variety of life experiences – makes an organization’s security posture stronger. When people come from diverse backgrounds, they bring unique perspectives, different ways of analyzing problems and novel approaches to finding solutions. This diversity of perspective and experience is incredibly important in cybersecurity, where SecOps professionals and threat hunters are combatting sophisticated threats originating from anywhere in the world. The fresh insights that emerge from more diverse teams help security analysts think like their adversaries and better understand their modus operandi, and can lead the team to solutions they might otherwise have missed. In short, greater diversity improves threat detection and response.
Equally important, by ensuring that hiring practices are open and equitable, and by boosting outreach to traditionally underrepresented groups, organizations can increase their pool of quality candidates. This is particularly important in cybersecurity, where the industry faces a workforce shortage of nearly four million professionals and organizations are struggling to fill roles. With the rise of remote work, organizations can more easily hire quality candidates no matter where they are located – eliminating a barrier that sometimes held back diversity initiatives in the past.
How to Improve Diversity and Inclusion in Security Operations
During the recent SOCstock panel discussion “Diversity and Inclusion in the SOC,” speakers Mary Chaney, chairwoman, CEO & president of Minorities in Cybersecurity Inc.; Haylee Mills, content detection engineer at Charles Schwab; and Cyrus Robinson, SOC director at Ingalls Information Security, shared a number of best practices for driving real diversity in the SOC. They included:
- Diversity, culture and inclusion play such an important role in strengthening an organization’s cybersecurity posture that they should be considered part of its layered defense model.
- One can’t address or change things one is not aware of. Executive leadership must have a true view of what the diversity culture is like throughout the organization. Measure current diversity metrics and conduct surveys, focus groups and one-on-one discussions to learn how employees really feel about the organization’s culture and whether they feel included and supported.
- Eliminate implicit bias at all levels. Numerous studies have demonstrated ways that implicit bias can impact hiring practices. Create corporate policies that help remove or mitigate implicit bias from processes wherever possible. Ensure that executive leadership teams are prioritizing and demonstrating their commitment to diversity, equity and inclusion (DEI) initiatives.
- Cultivate mentorship programs as part of the new employee onboarding process – especially within the SOC. Given that cybersecurity teams have traditionally been less diverse, it’s important to build these one-on-one connections to help ensure that new employees from different backgrounds and cultures feel included and supported within the group.
Creating a Culture of “Yes” in the SOC
In addition to the need for greater diversity within SecOps, there is another cultural revolution underway in the SOC: one that pertains to the way we approach security. In his SOCstock session, Drizly Chief Security Officer Joe McManus spoke about the need for SecOps teams to build a culture that is more collaborative and open with other departments within their organization.
Too often, security teams are seen as a highly risk-averse group that says “no” to any new tools, applications, cloud services or ways of doing things. McManus argues that in order to improve the efficiency and performance of the SOC, we must change its culture so that security is seen as an enabler within the organization rather than a team that simply forbids everything. If the default answer is always “no” and security is perceived as too stringent, employees will simply find ways around it. They will seek workarounds and bring in “shadow IT” to achieve what they want, all of which weakens cybersecurity in the organization.
Instead, McManus recommends that SecOps teams engage early and often with other departments and business units. Listen to what they are trying to accomplish and what tools they’re looking to use, and then change the default answer from “No” to “We can do that, but we need to consider how it can be done securely.”
Collaborate with other teams and make sure that SecOps is involved early in the process for any new technologies or applications that are being developed or considered for purchase. Most importantly, make sure your security team is friendly and approachable so they are seen as problem solvers and enablers, not as a roadblock to get around. This will encourage everyone in the organization to actively think about cybersecurity more and consider how they can work with the security team to ensure that the organization’s security posture remains strong.
Change is Underway
Overall, the culture of SecOps and the SOC is changing. Progress takes time, but we’re seeing many passionate people in the industry working to improve diversity, equity and inclusion, as well as to change the ways we approach enterprise security. This will not only help those of us in the industry strengthen security within the organizations we work in but will also improve the workplace culture for us all.
For additional resources on how to drive greater diversity within cybersecurity, visit the non-profit organization Minorities in Cybersecurity at https://www.mincybsec.org/.
To view any of the sessions from SOCstock 2021 on demand, visit www.SOCstock2021.com.