In their RSA Conference session titled ‘Building the cybersecurity innovation pipeline’ in San Francisco on April 17 2018, Grant Bourzikas, CISO & VP McAfee Labs and Chatelle Lynch, SVP and Chief Human Resources Officer, McAfee Labs, discussed the importance of diversity in building a high-performing security team.
Bourzikas, who has three hundred security professionals in his team – and insists on being present for the interviews of every single one – explained how important it is to sell the company to the interviewee. “I interview every person we bring in because we’re investing in them, but much of that time is spent on a sales pitch for working for McAfee,” he said. “My success is based entirely on the people that work for me,” he added.
High-performing teams depend on diversity of thought, Bourzikas explained, “unfortunately the current talent pool is predominantly white males.”
In order to attract a more diverse talent pool, “we need to get into their heads, work out what motivates them, what they are passionate about,” he said. Bourzikas advised targeting internships as “they are impressionable and we need more good quality cybersecurity professionals with the right mindset to fulfill the two million cybersecurity job shortages that we will have by the end of 2019.”
Chatelle Lynch argued that diversity needs to be built into the industry’s DNA. “There is so much unconscious biased,” she said. “We get better with diversity.”
Lynch explained that somewhere between the ages of 11 and 15, “we lose girls who had interest in STEM at age 11 and by the age of 15, they have lost the desire to pursue a STEM career.” She suggested that role model exposure is critical to the success of creating a more diverse workforce.
Finally, Bourzikas advised the audience to ask five pertinent questions of their business, and offered five potential answers:
- 1: How can we attract talent?
A: Drive diversity at entry level positions
- 2: How do we retain talent?
A: Invest in your team
- 3: How do we have a talent pipeline for cybersecurity?
A: Look for potentials not in cyber
- 4: How can we utilize community outreach?
A: Create a passion for learning and inquisitiveness
- 5: How can we transform our current talent strategy?
A: Start with top talent - teach cyber