Many technology firms insist they would love to hire more Black women but just don’t know where to find them. Camille Stewart, head of security policy for Google Play and Android at Google, and Lauren Zabierek, executive director of the Belfer Center’s Cyber Project at Harvard Kennedy School, are not buying it, so they decided to make this search very, very easy. On Friday (March 19) they will host #ShareTheMicInCyber, a daylong campaign on Twitter and LinkedIn designed to boost the profiles and share the experiences of Black women working in cybersecurity and privacy, domains long dominated by white men. The goal is to expand opportunities for female Black professionals and to inspire allies to bring about change in their firms and the field. The event is inspired by last year’s #ShareTheMicNow, an Instagram “takeover” co-founded by Netflix senior executive Bozoma Saint John. Stewart and Zabierek recently spoke to the Gazette about why the tech industry remains so far behind in diversifying its work force.
Camille Stewart and Lauren Zabierek
GAZETTE: Aside from basic fairness, why is it so important to have more Black women, and more Black people overall, in the field?
STEWART: Harvard Business Review did a study on this. We’ve seen that diverse companies have better outcomes, a stronger bottom line, [and] diverse viewpoints yield innovative outcomes. In cybersecurity, a challenge that is rooted in people, understanding not only the human psychology of the people you seek to protect, but of the malicious actors is essential to being effective. If you don’t understand the communities in which you’re implementing technology … there’s no way that you will effectively understand the risk you’re trying to mitigate or how far your mitigation goes toward mitigating that risk. So it’s really important as practitioners to understand the communities we’re operating in and to open ourselves up to being innovative and to understand how far our risk mitigations actually limit the vulnerability or change the course of the problem. It’s important from an efficacy perspective, it’s not just a nice-to-have.
ZABIEREK: This is also something we’ve been looking at within the intelligence community.
We look at training and tools and data as being very necessary for the business of intelligence. But so is diversity, because if we can’t understand the security problems of different populations, not only domestically but also internationally, then how are we going to be able to do the analysis and do the operations and talk to sources and understand the security environment in which we operate for our greater national security?
GAZETTE: What do you hope to accomplish with the campaign?
ZABIEREK: A lot of people talk about “the pipeline,” but there are a lot of people here already doing the work. So we want to focus on them because there are so few women, and especially Black practitioners, women and men, in leadership positions. We want to help to create that pathway, however we can, to get more people into leadership positions.
STEWART: There are multiple objectives: hiring, if that’s what the need is, but also to [make clear] that there are people of color working in this space. There’s also this line of discourse that says, “I would have put a person of color on this panel, but I don’t know any who work in cyber.” That’s not true. Also, surprisingly, you actually need to be pretty public to move up the ladder; platform is a big part of ascension within this field. So we’re giving people a platform. People have been working in this space for a long time and have done the work, but don’t have the networks or the proximity or the platform to continue to grow, so we’re helping with that piece. We’re expanding folks’ networks on both sides: The cyber allies and the practitioners now know each other in ways they didn’t before and can call on each other, can share opportunities. When people talk about “I had a position to hire, and I sent it to literally everyone I know,” if “everyone you know” means nobody of color, that’s a problem. And to Lauren’s point about “pipeline,” to truly affect “the pipeline,” they need to see people who look like them to feel empowered and to feel excited, to feel like they can grow within the space. If I look up and I see no one who looks like me within leadership, at the first moment of discouragement, I’m out. It’s a hard road to slog if you feel like there’s no opportunity to grow. So we’re putting a face to that, as well.
GAZETTE: Despite periodic hand-wringing about having “more work to do,” Silicon Valley has made almost no progress hiring, retaining, and promoting Black people since the industry launched its last self-examination in 2014. Why is that?
ZABIEREK: Part of it is cultural. You hear a lot about “cultural fit.” There are a lot of jobs out there, but [Black professionals] are not getting into those roles. It’s either systemic racism or institutional racism or overt [racism].
STEWART: It’s all rooted in systemic racism. You’ve built institutions that weren’t made for people who didn’t build the institutions. Cybersecurity and tech were all built by white males who work at Stanford and Ivy League schools, and so they built a culture that doesn’t include other perspectives. Not intentionally, but that’s why the “systemic” part is so important. It’s not that necessarily people are like, “I don’t want Black people; I don’t want people of color; I don’t want women in my organization.” But when they’ve created a “bro culture” or one that centers on white experiences and doesn’t make room for somebody who has an accent or a different last name, it’s a self-fulfilling prophecy. Of course, the culture doesn’t fit because that’s a whole different culture. So systemic racism underpins it.
GAZETTE: How receptive are people in positions of power to this notion that this is a systemic problem that needs to be addressed now and that they should play a key role?
ZABIEREK: We’ve had a lot of luck getting those people to become allies and to share their platform and to provide opportunities to people, to invite them to meetings, to invite them to boards. I look at someone like “Mudge,” Peiter Zatko, head of security at Twitter. He’s an older white male; he’s been in government; and he’s been in tech. He is someone who’s been very committed to sharing the platform and getting more diversity into Twitter. Same with Royal Hansen, [vice president of security] at Google. But then, there are some people who are probably in the middle who aren’t there yet.
STEWART: There are a lot of people who continue to have a scarcity mentality and feel like giving voice and platform to people of color means that there’s no room for them — which is completely mindboggling in a space where we are desperate to fill roles. Cyber security has 500,000 unfilled jobs where we need people to be helping us solve these challenges, and you’re worried because we’re giving voice to people who are already in this space and doing good work or trying to get more people to help try and fill those roles and to think differently than you so we can be more innovative and attack these challenges? So yes, there are a lot of people who are open, but there are a lot of people who are not. And also, there’s a difference between action and meaningful action. Sharing your Twitter and LinkedIn account is a great start, but you can actually change your entire organization and influence the leadership around you to be more intentional about how they are changing systems.
I think a lot of tech companies have a heart for these issues, but they don’t have the stomach to stand in the gaps, to make demands, to make changes that will feel uncomfortable to parts of their organization, that will call into question how we lead organizations and how we build organizations and company cultures. And so, until we get more folks in leadership who have that stomach, that constitution, to do the hard work, we’ll continue to see very slow, if any, change.
Interviews have been edited and condensed for clarity and length.