{"id":2671,"date":"2025-04-08T06:30:00","date_gmt":"2025-04-08T06:30:00","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=2671"},"modified":"2025-04-08T06:30:00","modified_gmt":"2025-04-08T06:30:00","slug":"why-dei-is-key-for-a-cyber-safe-future","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=2671","title":{"rendered":"Why DEI is key for a cyber safe future"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>Now more than ever, cybersecurity is a national security and international security imperative. As the US government rolls back support for diversity programs and shrinks the size of the federal workforce, the risk grows: a shrinking talent pool, AI blind spots, and weaker national security. In an era where cyberattacks are evolving daily, sidelining diversity isn\u2019t just a setback \u2014 it\u2019s a vulnerability.<\/p>\n<p>Diversity is a cybersecurity superpower \u2014 without it, we\u2019re fighting an increasingly complex cyber war with severely limited resources. Cyber threats come from all over the world, weaponize social and political dynamics and bias, and exploit blind spots that homogenous teams often miss. Diverse teams supported by best practices like psychological safety produce unique perspectives, sharper problem-solving, and a broader understanding of global threats, making defenses stronger and more adaptive.<\/p>\n<p>The <a href=\"https:\/\/www.sharethemicincyber.com\/\">#ShareTheMicInCyber<\/a> (#STMIC) movement, for example, was created to shine a light on the often unseen yet important contributions of Black cybersecurity professionals to cybersecurity, privacy, and technology, and to dismantle institutional barriers toward greater diversity, equity, inclusion, and belonging (DEIB) in this field. As veterans of the military, of federal service, of the White House, technology companies, and public policy programs, #STMIC\u2019s driving force is the safety and security of our nation. #STMIC as part of broader DEIB efforts in cybersecurity are simply a means toward that end.<\/p>\n<p>We have seen up close the threats to our public health and safety, economy, and critical infrastructure that underpins our daily lives by malicious cyber actors. These threats aren\u2019t going away, in fact, they\u2019ll only increase as more insecure devices and critical functions connect to the internet and AI reduces barriers to entry for malicious actors. We need actionable and practical solutions focused on combating risks as they materialize and evolve, along the entire spectrum of security and resilience, and we will continue to work to develop them through our community.<\/p>\n<p>Amid rising cybersecurity threats to the United States and a chorus of voices calling for more <a href=\"https:\/\/www.csoonline.com\/article\/2074581\/the-cybersecurity-skills-shortage-a-ciso-perspective.html\">cybersecurity talent<\/a> to fill hundreds of thousands of roles, we recognized that DEIB efforts were crucial to meeting those challenges. We believe, as we did back when #STMIC began, that diversity is vital to cybersecurity and therefore, our national security. Many decry DEIB efforts as a means to replace individuals currently working or operating in a space, but this stems from a pervasive scarcity mindset. Today, there are around 450,000 cybersecurity <a href=\"https:\/\/www.cyberseek.org\/heatmap.html\">job openings<\/a> in the US \u2014 this staffing shortage does not begin to approach the true need for experienced workers, which is only <a href=\"https:\/\/www.isc2.org\/Insights\/2024\/10\/ISC2-2024-Cybersecurity-Workforce-Study\">increasing<\/a>. The goal in cybersecurity and privacy is to <em>grow<\/em> a workforce and body of expertise, not shrink it.<\/p>\n<p>By illuminating career pathways or creating opportunities for those who have been historically overlooked, DEIB programs welcome people that may not have been exposed or traditionally have lacked access to the space. Across the US, Black practitioners make up only 8% of the total tech <a href=\"https:\/\/comptiacdn.azureedge.net\/webcontent\/docs\/default-source\/research-reports\/comptia-state-of-the-tech-workforce-2024.pdf?sfvrsn=a8aa5246_2\">workforce<\/a><a href=\"https:\/\/comptiacdn.azureedge.net\/webcontent\/docs\/default-source\/research-reports\/comptia-state-of-the-tech-workforce-2024.pdf?sfvrsn=a8aa5246_2\">.<\/a> In a 2024 ISC2 <a href=\"https:\/\/www.isc2.org\/Insights\/2024\/10\/ISC2-2024-Cybersecurity-Workforce-Study\">report<\/a>, an annual survey that looks at the gender, age, and skills of the cyber workforce, less than 15% of cybersecurity practitioners identify as female. Earlier <a href=\"https:\/\/www.wicys.org\/wp-content\/uploads\/2024\/04\/2023-State-of-Inclusion-Benchmark-in-Cybersecurity-Report.pdf\">studies<\/a> have consistently shown that women have been systematically excluded from career growth, recognition, and access to opportunity. Removing DEIB-focused staff and curtailing DEIB focused initiatives is harmful to our cyber and national security because it limits our ability to understand the threat landscape, recruit and maintain personnel, and innovate on new ways to mitigate risk, ultimately capping US capabilities to innovate and defend.<\/p>\n<p>That was the lens through which we created #STMIC and how it evolved from a social media movement and community of practitioners and allies to the establishment of the #STMIC Fellowship at New America. In just two years, our diverse Fellows have published articles and papers that illuminate overlooked issues and provide recommendations to address them, such as addressing real-world harms of <a href=\"https:\/\/www.newamerica.org\/future-security\/reports\/gendered-harms-of-data-weaponization\/\">cyberattacks on women<\/a>, combatting<a href=\"https:\/\/www.newamerica.org\/future-security\/reports\/navigating-the-landscape-of-misinformation-and-disinformation\/\"> AI-driven misinformation<\/a>, a model bill to help states address <a href=\"https:\/\/www.newamerica.org\/future-security\/reports\/civilian-cyber-corps-a-model-law-for-states\/\">cyberattacks on small-and-medium sized businesses<\/a>, and shoring up support for the cybersecurity <a href=\"https:\/\/www.newamerica.org\/future-security\/reports\/translating-the-artificial\/\">risks of the metaverse<\/a>.<\/p>\n<p>Effective cybersecurity demands a socio-technical approach, as it requires a complex interaction between human and science in creating, maintaining, and securing technology. Different cultures, communities, regions of the country, genders, use technology differently and adopt behaviors based on societal and cultural dynamics. Those behaviors and dynamics can illuminate why and how a person might be manipulated or when they may use a technology in an unexpected or abnormal way. That information is essential to building technical, policy, environmental, and behavioral mitigations to cyber risk. Ultimately, the codes, protocols, and developers protecting and defending our information and critical infrastructure, work within the context of regulations, economics, and culture, and the safest and most secure systems take both into account. Having a diverse team is the best way to anticipate, identify and mitigate risk.<\/p>\n<p>Current efforts to sow division on the importance of DEIB will only lead to less security for all. We invite everyone to <em>act<\/em> now, to support each other, and organizations like #ShareTheMicInCyber, for a diverse and therefore more secure cyber environment.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Now more than ever, cybersecurity is a national security and international security imperative. As the US government rolls back support for diversity programs and shrinks the size of the federal workforce, the risk grows: a shrinking talent pool, AI blind spots, and weaker national security. In an era where cyberattacks are evolving daily, sidelining diversity [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":2664,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-2671","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/2671"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2671"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/2671\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/2664"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2671"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2671"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2671"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}