It’s no secret that people who aren’t straight white cis men face challenges in the tech industry. The number of computer science graduates from minority backgrounds remains below 10 percent in the United States. Over 50 percent of women in technology end up leaving before the age of 35. We can obviously rattle off any number of reasons for these problems — prejudice is still all too common in society, and the tech industry, despite some of our utopian self-image, reflects that. It’s also true that many people of color say that they have difficulty finding mentors within the industry.
One movement to help rectify that situation? A number of professional organizations exist to help further the cause of IT professionals who are members of underrepresented groups in the industry and connect them to one another. Larry Whiteside, Jr., co-founder of the International Consortium of Minority Cybersecurity Professionals, put it this way when asked the motivation behind a group like his: “What led us to found it was us really not seeing enough people that look like us as we traveled to conferences and spoke at conferences and watch keynotes. We don’t just want to increase the diversity in the industry; we want to increase retention of the diversity that already exists. Would you stay in an industry where you didn’t see anybody that looks like you all the time — and once you get into it, you felt marginalized and you were never brought to the table to be part of the decision-making culture?”
Groups like Whiteside’s have worked to turn the tide against that sort of world. Our sister publication CIO has put together lists of organizations focused on diversity in tech and organizations specifically for women, but these are for the industry generally. We’ve assembled our own list of orgs that specifically focus on infosec and related fields.
International Consortium of Minority Cybersecurity Professionals
The International Consortium of Minority Cybersecurity Professionals (ICMCP) aims to increase diversity in the cybersecurity field through training, scholarships, and opportunities. As its mission statement puts it, “Under-participation by large segments of our society represents a loss of opportunity for individuals, a loss of talent in the workforce, and a loss of creativity in shaping the future of cybersecurity. Not only is it a basic equity issue, but it also threatens our global economic viability as a nation.”
The organization offers funding that can be put towards a number of different educational paths, ranging from certificate programs to graduate schools. Membership is free to students and includes access to programs like MentorcliQ mentoring software. A cyber careers program aims to connect job candidates — including those who aren’t on traditional career paths — with interested employers. And there’s a big annual conference that aims to promote dialogue on how to bring more minorities into the infosec workplace.
Women in CyberSecurity
Women in CyberSecurity (WiCyS) was founded by Dr. Ambareen Siraj of Tennessee Tech University through an NSF grant. Its goal is to bring together women from academia, research, and the private sector for knowledge sharing, networking, and mentoring. WiCyS holds an annual conference (the next one is in Denver in September 2021) that aims to “recruit, retain, and advance women in cybersecurity.”
The organization encourages networking and mentorship through its network of regional affiliates and student chapters. In six years, WiCyS has issued over 3,000 scholarships, 350 faculty lodging grants, 26 veteran fellowship awards, and just launched the WiCyS BIPOC Fellowship Award. Additionally, WiCyS provides in-person/virtual conference and career fairs; training programs such as Security Training Scholarship made possible by Google, AWS Learning Series, and the National Cyber League made possible by Target. There are also a number of WiCyS-produced webinars on both technical and career-focused subjects. Members can join the speakers bureau and take advantage of other community benefits.
The International Order of Black Security Executives
The International Order of Black Security Executives (IOBSE) was founded in 1982 by six Black executives attending the American Society for Industrial Security (now known as ASIS) conference, who were “concerned about the relatively small number of minority professionals, and the role black security professionals could have in helping young people.” The national organization still meets at ASIS every year in honor of its roots, but also has an annual Spring Conference (although 2020’s was cancelled due the coronavirus pandemic), and the organization has a number of other initiatives as well.
IOBSE offers scholarships to minority students interested in IT security. In fact, despite “executives” being in the name of the org, they’ll accept student members as well, along with associate members who are in the field but not yet at the executive level. And as the org’s name implies, it has an international reach, with local chapters around the world in places like Nigeria and Jamaica.
Women in Security and Privacy
Women in Security and Privacy (WISP) is a group focused on advancing women into leadership roles in the privacy and security fields. Their four major initiative areas are education (helping women acquire the skills and education they need in the field), mentoring and networking (helping build a community), advancement (helping women climb the ladders of their careers), and leadership (putting women in thought leadership positions within the industry).
To promote networking in particular, they have a tandem program, which matches women together based on areas of expertise and interest to serve as mentors/mentees for each other. WISP also has a job board, and sponsors a number of events, which range from career-centered affairs like their DEFCON leadership panel to more technical events like their forum on GDPR and CCPA.
Minorities in Cybersecurity
To address what it sees as a failure in many organizations “to understand the unique social, generational, political, cultural and economic hurdles an individual may face to achieve next level career success,” Minorities in Cybersecurity (MiC) aims to provide support, resources, and leadership development resources to minorities in the field. The organization offers practical knowledge and help with career development skills that often aren’t taught in formal educational settings.
MiC programs include Community Calls for open discussion and networking and a leadership book of the month club. MiC members can benefit from an MiC Team, monthly coaching and mentoring sessions that include working with a small peer group to set career goals; these groups are tailored for where an individual is in his or her career, ranging from college to director level. Members can also take advantage of the MiC job board. (Check out MiC Chairman and CEO Mary Chaney’s chat with CSO about vulnerability management.)
NeuroCyber is a UK-based organization that aims to improve opportunities for neurodiverse individuals — that is, people on the autism spectrum or with other similar conditions — within the cybersecurity profession. One of their mottos is that “It’s easier to think outside the box when you already live there.”
The organization sponsors in-person events, often in tandem with larger industry conferences. It also has a speaker’s bureau to provide advocacy, and makes available a number of case studies that affirm the value of neurodiverse professionals within the industry.
Women in Identity
Women in Identity (WiD) sums up their vision like this: “Digital identity solutions built FOR everyone are built BY everyone.” On their LinkedIn page, they further explain the connection between the field of identity management and their values: “Identity is all about recognizing the individual human behind a transaction or interaction.” Their goal is to promote a more diverse workforce, both by helping members network and advance through the field and by encouraging them to speak up and offer thought leadership on topics of injustice and bias.
WiD offers meetups and other events (currently virtual during the coronavirus pandemic) and can provide public speakers. Members can participate in the WiD forums and weekly virtual coffee breaks to connect with other members.
Queercon began its existence in 2004, as a hacker party within the notorious Defcon security conference. Over the next fifteen years, it developed into a social network for LGBTQ people within both IT security and the hacker world. Queercon still happens in parallel with Defcon every year, with a combination of mixers, technical talks, and advocacy. (Check out the schedule from last year’s event to get a sense of what’s on offer.)
The organization also offers smaller events across the year, including local meetups. During the pandemic, the group has been looking for other ways to keep members connected, which include running a moderated Discord Server.
Executive Women’s Forum
The Executive Women’s Forum (EWF) was founded in 2002 by Joyce Brocaglia, CEO of the recruiting firm Alta Associates, which focuses on IT security and risk; she wanted to create organized opportunities for women executives to gather and share ideas. As the group’s LinkedIn page puts it, “The EWF’s mission is to bring together the highest caliber of women who work in what has been a traditionally male-dominated industry and help them succeed.”
The EWF provides a number of opportunities for networking, ranging from local Cheer networking dinners to regional meetings hosted by corporate sponsors to the organization’s big annual conference (held virtually in 2020). Members can participate in the Lift mentoring program or the or enroll in the Leadership Journey program, a curriculum that Brocaglia developed.
Blacks in Cybersecurity
Blacks in Cybersecurity (BIC) is a conference series, meetup group, and social organization rolled into one, with the stated goal of “solving the disparity between the Black community and Cybersecurity knowledge and resources.” It emphasizes a laid-back, casual atmosphere (it’s the only organization on this list that has a Twitch channel as well as a LinkedIn group), and wants to reach out to people interested in infosec at all skill levels — not just those who work in the profession.
BIC started life as a conference and that’s still the centerpiece of its year; 2021’s is predictably virtual. The organization also offers a training program where members can add to their skills, a job board, and an online community space that includes partnership and mentorship opportunities. (You can also buy cool merch.)
Copyright © 2020 IDG Communications, Inc.