The Aspen Institute

Guidance part of new report resulting from cross-disciplinary workshops 

Contact: Carner Derron
Marketing & Communications Manager
Aspen Digital
Carner.Derron@aspeninstitute.org

San Francisco, CA, Sept. 9, 2021 — The Aspen Institute, with support from the Hewlett Foundation, today makes recommendations for diversifying the cybersecurity industry, spanning two categories: immediate actions and those that require further investment. The effort resulted from workshops convening an intergenerational and cross-disciplinary group of cybersecurity professionals to develop a concrete, impact-oriented set of commitments focused on improving diversity, equity, and inclusion (DEI) in cybersecurity.

The new report, Diversity, Equity, and Inclusion in Cybersecurity, makes a number of key recommendations, including:

• Organize a coalition to assess the value of certifications in developing quality candidates for cybersecurity jobs;
• Survey participants in cybersecurity apprenticeship programs to better support diverse candidates;
• Collect and share anonymous data about characteristics that prove useful for successful hiring for cybersecurity jobs;
• Establish a group of pro bono experts to help cybersecurity employers rewrite their job descriptions without jargon and focus on the skills required;
• Reconsider whether the current criminal background check process is appropriate, fair, and equitable;
• Establish a task force to track C-suite executives’ commitments to DEI initiatives related to cybersecurity professionals within their companies;
• Develop a coalition to identify best practices for mentoring diverse cybersecurity practitioners and create shared resources; and
• Cultivate brand, advertiser, and media influencer partnerships and develop a campaign to reshape narratives around cybersecurity professionals.

These recommendations were developed with the support of the Hewlett Foundation, the consultation of cybersecurity expert Camille Stewart, and insights gleaned from a series of workshops held in October 2020 and February 2021 that brought together leading cybersecurity professionals with representatives from affinity groups and other diverse bodies.

“There are a wide range of simple steps requiring minimal intervention that organizations can take to better recruit, retain, and support cybersecurity professionals from diverse backgrounds,” said Aspen Tech Policy Hub Founding Director Betsy Cooper. “These recommendations outline those steps and other resources that private, public, and academic institutions can provide.”

It is estimated that only 4% of cybersecurity workers self-identify as Hispanic, 9% as Black, and 24% as women. The national reckoning on racial justice that began in mid-2020, prompted by the murders of George Floyd, Breonna Taylor, and other Black Americans at the hands of police, further clarified that current DEI efforts, however well-meaning, have not addressed the overwhelming white-ness and male-ness of the cybersecurity field.

“Though many individual organizations are working to improve diversity, equity, inclusion, and belonging in the cybersecurity industry, there has not yet been a convening across groups to identify gaps and establish industry-wide best practices, “ said Aspen Digital Executive Director Vivian Schiller. “Our workshops and the resulting recommendations aim to fill that need and contribute to the forward movement of the field.” 

Throughout the workshops, participants agreed that making meaningful progress on DEI requires further investment from both industry and philanthropy through funding, staff time, leadership, and technology.

“The Hewlett Foundation is proud to support this initiative to meaningfully and sustainably incorporate diverse voices into the cybersecurity workforce,” said the Hewlett Foundation’s Director of the Cyber Initiative, Kelly Born. “We’re grateful to the workshop participants for providing their unique perspectives and robust expertise.” 

Aspen Digital and the Aspen Tech Policy Hub thank Camille Stewart for her thought-leadership; Eli Sugarman, Monica Ruiz, and Kelly Born for the support of the Hewlett Foundation; and the Hub’s Meha Ahluwalia and Mai Sistla for serving as lead authors. 

Those seeking to learn more and download the full report are invited to visit: aspeninstitute.org/dei-cyber.

###

The Aspen Tech Policy Hub is a West Coast policy incubator, training a new generation of tech policy entrepreneurs. The Hub takes tech experts, teaches them the policy process through fellowship and training programs, and encourages them to develop outside-the-box solutions to society’s problems. It models itself after tech incubators like Y Combinator, but trains new policy thinkers and focuses on the impact of their ideas. For more information, please visit https://www.aspentechpolicyhub.org. The Aspen Tech Policy Hub is an initiative of Aspen Digital.

Aspen Digital empowers policy-makers, civic organizations, companies, and the public to be responsible stewards of technology and media in the service of an informed, just, and equitable world. Part of the Aspen Institute, it shines a light on urgent global issues across cybersecurity, the information ecosystem, emerging technology, the industry talent pipeline, tech and communications policy, and innovation. The program then turns ideas to action and develops human solutions to these digital challenges.

The Aspen Institute is a global nonprofit organization committed to realizing a free, just, and equitable society. Founded in 1949, the Institute drives change through dialogue, leadership, and action to help solve the most important challenges facing the United States and the world. Headquartered in Washington, DC, the Institute has a campus in Aspen, Colorado, and an international network of partners. For more information, visit www.aspeninstitute.org.