By Cody Hewell and Nicole Dillard, Senior Consultants, Cyber Risk Advisory
How would you describe the people that make up the U.S. technology industry? Our guess is the word “diverse” isn’t the first trait that comes to mind. This is because, unfortunately, even with a reputation as one of the world’s most progressive and forward-thinking industries, there is a significant lack of diversity in tech. Between Juneteenth becoming a federal holiday and celebrating Pride Month, June is the perfect time to talk about diversity.
First, some background information and a few stats. In 2014, tech companies like Apple, Facebook, Microsoft, and Amazon began releasing diversity reports. Fast forward seven years later and these numbers have seen little increase. Black employees’ share of Facebook’s workforce increased from one percent to just under four percent in this time period, according to this USA Today article. And when you look at diversity in leadership roles, numbers are even lower. Black employees make up nine percent of Apple’s workforce, but just three percent are in leadership positions.
What about the cybersecurity industry specifically? According to a recent Forbes article, women make up just 14 percent and Black employees at three percent of the information security workforce. And this recent study indicates men outnumber women three to one in cybersecurity overall. These statistics remind us it is easy for a company to issue a statement on its diversity and inclusion efforts, yet challenging to turn that same statement into real change.
It’s important to note that, at BARR, we believe diversity goes beyond just race and gender. It can also take the form of socioeconomic backgrounds, ethnicities, sexual orientations, veteran statuses, learning and physical disabilities, and much more. We need representation from people across all of these diverse populations. And we need them now.
First, let’s talk about why we need more diversity in tech, and then look at how a boutique firm like BARR is leading the charge.
Why Do We Need More Diversity in the Tech Industry?
Our idea for this article stems from daydreaming about what the tech industry could look like with more diverse backgrounds. Rather than creating a diversity and inclusion plan because everyone else is doing it, let’s explore five reasons we think our industry can benefit exponentially from increased diversity.
- Diversity leads to a diverse thought process across your organization. Diverse thought leads to new ideas, new paths forward, and new solutions to seemingly unsolvable problems, which ultimately means growth.
- More diversity across current employees means a more welcoming environment for new employees—and clients. By fostering a welcoming environment for people across all walks of life, you open new doors which can lead to more opportunities.
- With more diversity comes an increase in knowledge and perspective. Employees can learn from and with each other. They can teach and celebrate what makes each person, their culture, region, traditions, and mindsets, unique and special.
- A true focus and effort on increased diversity inspires others to do the same. By acknowledging a lack of diversity within your organization and working to combat it, you’re igniting a spark that can inspire your peers, clients, and competitors to follow suit. This leads to more representation, which helps break down barriers that currently exist and allows diverse populations to see themselves working as a cybersecurity analyst, security engineer, CISO, and beyond.
- Perhaps most important of all, it creates a better world for everyone. Think bigger, far beyond your company headcount. Diversity in the workplace is just the beginning because it builds employees’ understanding and empathy. Employees take these qualities with them as they move from work to home. Lauren Hannawald, chief of culture and communications, sums it up: “Leading with inclusion is the foundation of everything we do at BARR. When we all have the freedom to be our whole selves, we are one step closer to a more inclusive world.”
How BARR Leads with Inclusion First
In the words of Malcolm Forbes, publisher of Forbes Magazine, “Diversity is the art of thinking independently together.” BARR Advisory is hoping to do just that by building a team of individuals who feel free to be their true selves at all levels of the organization.
“We envision an environment where our associates can bring their whole self to work, speak their mind, and feel comfortable sharing their ideas and opinions,” said Whitney Lindsey, director of people operations. “We’re taking actions like examining the ways we treat each other at work and the behaviors our associates are rewarded for. We’re ensuring our recruiting, talent management, and pay practices are equitable. And, at the most basic level, we’re being intentional about recruiting and promoting underrepresented groups and backgrounds.”
As two current associates ourselves, we are amazed at how BARR puts its words into action, focusing on diversity and truly cultivating it from the inside out. We see leadership team members working to remove barriers to entry into the cybersecurity field by engaging with non-traditional talent programs, like Apprenti. We see BARR partnering with educational institutions, like Donnelly College, to showcase the cybersecurity industry to students who may not otherwise have ever considered it as a career option, assist in securing cybersecurity program grants, and connect students with potential tech-industry mentors.
What else is BARR doing? And how can your tech-focused company replicate and expand our efforts? Let’s find out.
How You Can Join Us
Here are 12 BARR tactics your company can implement to boost diversity, equity, and inclusion:
- Assess current company culture
- Reduce unconscious bias from the hiring process
- Explore pipelines that focus on diverse tech talent
- Weave diversity, equity, and inclusion into the onboarding process
- Add inclusive language and remove educational requirements from job descriptions when applicable
- Replace the term “culture fit” with “values fit” during the hiring process
- Develop a diversity, equity, and inclusion-focused survey to benchmark representation across your current team
- Commit to a fair compensation policy based on merit and market rate
- Partner with community organizations who share your dedication to diversity and inclusion
- Bring in guest speakers who can share varying perspectives and help employees celebrate different cultures and traditions
- Join the nonpartisan Time to Vote initiative to promote voter participation
- Create an in-house charitable foundation (ours is called the BARR Belong Foundation) to support causes close to employees’ hearts
As associates, we’re inspired by BARR’s authenticity and vigorous drive to get this right. We see transparency, inclusivity, and unparalleled support from each associate, regardless of who they are and where they come from. From day one, we’ve felt safe to be ourselves unapologetically.
We’re proud of the progress BARR has made thus far, but also recognize there is always room for improvement. We believe the most effective way to measure success will be a blended approach of representation—who we’ve hired, retained, and promoted—combined with data and insights on how inclusive employees feel our company culture is.
After all, diversity isn’t something you can discuss one day and hope to fix the next. It requires consistency, dedication, openness, and willingness to be bold and take risks.
What should you do with all this information? Join us in this effort by implementing some of the diversity, equity, and inclusion tactics shared, contacting us with questions or suggestions, or becoming part of our team.
About Our Authors
Nicole Dillard, Senior Consultant, Cyber Risk Advisory
As a senior consultant in BARR’s cyber risk advisory practice, Nicole Dillard is responsible for planning and executing information technology audits (SOC 1, SOC 2), client risk assessments, and GRC Advisory engagements for clients in a wide range of industries. Skilled in project management, Nicole has several years of experience assessing the design and effectiveness of control environments and ensuring client engagements are carried out in the timelines established. Prior to her work at BARR, Nicole worked at KPMG. She has a Bachelor of Business Administration in accounting and management information systems from Baylor University.
Cody Hewell, Senior Consultant, Cyber Risk Advisory
As a Senior Consultant in BARR’s Cyber Risk Advisory practice, Cody Hewell has successfully worked within attestation doing audit engagements at BARR Advisory and other firms. Previously, he worked in GRC and risk teams at Fortune 500 companies. In addition, he has past U.S. Military experience, including active and reserve roles in the U.S. Army, working in technical operations. Cody earned a Master of Science in information systems from Georgia State University, a Master of Science in instructional systems and learning technologies from Florida State University, and a Bachelor of Arts in political science from the University of Georgia.