If You Say You’ve Looked for Diverse Talent and Can’t Find It, You’re either Lazy or a Liar

If You Say You’ve Looked For Diverse Talent And Can’t Find It, You’re Either Lazy Or A Liar.jpeg

By Selena Templeton

Kathie Miley, COO of Cybrary, a free online cybersecurity training site, and Gabrielle Hempel, a Cybrary user and now a Security Analyst at Accenture, chat with ITSPmagazine’s Selena Templeton about getting more diverse talent in cybersecurity.

The title of this podcast is a bold one – if you say you’ve looked for diverse talent and can’t find it, you’re either lazy or a liar – but it’s a subject that is not only important to many people on a personal level, it’s a crucial one for an industry that’s looking at a talent shortage crisis that is only going to get worse unless we actively do something about it.

Gabrielle has been told numerous times to her face: “You don’t look like you’re a security analyst...or a mechanic” – both of which she is! When she responds with: “What am I supposed to look like?” they usually get red-faced and have no answer.

If we had more diversity being represented, people would never say to women or people of color you don’t look like a security analyst because the image of a security analyst would be so varied.

Cybrary started by simply offering video courses online so that everyone, no matter where they live or what their financial situation is, can learn about cybersecurity – anyone can go to their site and access all their courses for FREE.

Cybary offers:

  • Certification-based training like CompTIA Security+, Cisco CCNA, CISSP

  • 100s of videos in a myriad of certifications

  • A program called Career Paths that allows top cyber/IT companies to lay out the different courses/assessments and the score that job applicants need in order to get a specific position, such as a SOC Analyst.

Within the first couple months Cybrary grew their user base to 300,000 – and now have 1.8 million members and over 10 million minutes of training.

In this podcast, Kathie, Gabrielle and Selena discuss:

Job Descriptions

We must use inclusive language and eliminate gender-biased words, like “rockstar,” “ninja,” “dominate” and “kill it.”

Men will usually apply for a job even if they’re qualified for only 60%, women generally won’t apply unless they’re qualified for 100%, and neurodiverse/Autistic folks are binary thinkers who also typically won’t apply unless they hit 100% of the qualifications. We must be more thoughtful about the ridiculous job qualifications and certifications we stuff into a job description.

Recruitment Pipelines

If you always do what you’ve always done, you’ll always get what you’ve always gotten. So we need to be looking outside of the typical talent pools, like:

  • Female-focused job and speaker websites like Hire Tech Ladies, Innovation Women, Women Speakers Association — not to mention your organization’s social media networks.

  • Specific conferences such as Queercon, Hacking Diversity, Day of Shecurity, The Diana Initiative, WiCys (Women in Cybersecurity)

  • Aspertise, a technology service company staffed with Atypical folks (Aspergers, Autistics, High IQ) to serve the need of its clients.

  • The Dandelion Program, which integrates autism in the workplace (in Australia).

  • Cybrary, which has a diverse talent pool.

  • Social media – Selena reached out on Twitter looking for a woman in cybersecurity to join a panel and within 24 hours received 10 qualified responses.

Hiring Process

Unconscious bias is a huge obstacle when it comes to resumes and interviews. Numerous studies show that when reviewing resumes with the exact same qualifications, people will still perceive the woman as less qualified than the man.

We need to do blind resume screening that keep names, gender and ethnicity hidden.

We also need to make sure all people in the hiring process are diverse.

Enjoy the podcast — and check out Cybrary for cybersecurity training or to look for diverse talent!

About Kathie Miley

Kathie Miley.png

Kathie Miley has 25 years of experience in the information technology and security field, and is currently serving as the Chief Operating Officer at Cybrary, Inc, the world’s first open source platform for cyber security and IT learning.

Kathie has held a variety of leadership roles in the information security and cyber industry including positions at Invincea, RiskAnalytics, Predictive Systems Global Integrity division, NetSec, MCI, Verizon’s Enterprise Solutions, CyberTrust and Terremark divisions.

Her expertise includes Enterprise Governance Risk and Compliance, Security Policy Assessment and Development, Global Managed Security, Physical Security and Advisory, Cyber Threat and Intelligence, Vulnerability and Patch Management, Identity and Access Management, Security and Network Architecture, and IT Security Training and Enablement.

Kathie previously served a board member of the ISSA-DC Chapter, and has held memberships in industry security organizations including ISACA, ISSA, ASIS, HIMSS, and others. She currently maintains her CSX, and carried certifications for HIPAA Security Expert (CHSE) and Certified HIPAA Privacy Expert (CHPE).

Find Kathie on Twitter & LinkedIn.

Find Cybrary on Twitter & LinkedIn.

About Gabrielle Hempel

Gabrielle Hempel.png

Gabrielle E. Hempel, B.A., B.S., is a graduate of the University of Cincinnati, where she studied Neuroscience and Psychology. She worked for Advarra Institutional Review Board in regulatory compliance, and led specialized committees targeting Phase I research and emergency research.

She moved to IT consulting in 2018, and currently works as an Information Security Analyst with Accenture. She serves as a mentor for a student cohort of cybersecurity analysts, and volunteers with various community organizations that encourage youth and minorities to pursue careers in STEM.

Find Gabrielle on Twitter & LinkedIn.