Ahead of Infosecurity Europe, (ISC)² and the Chartered Institute of Information Security (CIISec) have released a new guide to inclusive language in cybersecurity.
The guide outlines the importance of inclusive terminology and language to fostering a more inclusive cyber profession and offers an alternative vocabulary guide and general language guidance for cybersecurity professionals.
The current cyber workforce gap stands at 3.4 million, and the global cybersecurity workforce still needs to increase by 65% to effectively defend organizations’ critical assets. Organizations understand that they need to rethink how they hire and that closing the workforce gap means addressing the lack of diversity and inclusion in the industry.
“To attract as many people as possible to the cybersecurity industry, we need to ensure that the barriers to entry are tackled,” said Dwan Jones, Director of Diversity, Equity and Inclusion at (ISC)².
“This means fostering more inclusive environments and changing the negative perceptions of cyber which allows for more individuals from diverse backgrounds to see themselves in the cyber profession. Inclusive language alone will not solve all of these problems, but it can help change the work culture and avoid alienating those we need to fill the workforce gap,” Jones added.
Sign up for the Women in Cybersecurity event at Infosecurity Europe here.
Amanda Finch, CEO at CIISec said, “The challenge lies in identifying, hiring and correctly supporting skilled employees from any and every background. If the industry doesn’t act then others will and we’ll see that talent either go elsewhere or lie completely undiscovered.”
She highlighted a “worst-case scenario” which could see people with fantastic potential end up working for the bad guys, who recognize and support their different needs.
“The industry must ensure this isn’t the case by doing more to attract these prospective cybersecurity stars of the future. A big part of this will come down to the language that we use, and ensuring we foster a more inclusive culture that the industry needs,” Finch added.
Thoughts on Language from the Experts
Leading members of the cybersecurity industry were involved in the creation of the document that gives and general language guidance for cybersecurity professionals, offering key tips to keep in mind when writing code and documentation.
“Language can be the thing that breaks or binds us, which is why we can use it to break down barriers,” said Sarah Armstrong-Smith, Chief Security Advisor at Microsoft.
Nicola Whiting MBE, Co-owner of Titania Group, noted that while language does not define us it does shape us, and also affects how others perceive us. “Showing you care about peoples worth, by actively choosing empowering language (demonstrating you value and respect others) isn't only good business, it's good humanity," she said.
Finally, Nurul Gee Zulkifli Lead, Business Efficiency & Employee Engagement at Standard Chartered, added: “There is power in words, and you can make a difference with them. Choose inclusive words that acknowledge and enable others to be seen, heard and valued.”
The Alternative Vocabulary Guide
The Alternative Vocabulary Guide is organized into categories around race and ethnicity, gender and orientation, accessibility, military and criminal justice, and age. The general language guidance offers key tips to keep in mind when writing code and documentation, including:
● Avoiding using terms that have a social history
● Avoiding acronyms, idioms, and jargon
● Being mindful of perpetuating stereotypes or biases
● Using automated accessibility checks and authoring tools
The guide is available to download here. To learn more about (ISC)²’s diversity, equity and inclusion initiatives and access available resources, please visit https://www.isc2.org/DEI.