How do we create a thriving culture in the cyber security industry?

Our industry’s culture is dominated by men.

It’s elitist.

No matter what you have accomplished to date, or you may do in the future, the industry is likely to make you feel like you are not enough.

It’s cut-throat.

There’s little gratitude or loyalty. Some people can come across as mercenaries only looking out for their self-interests.

It’s political.

95% of enterprise security is about navigating office politics. Some people are more concerned about their reputation and status than delivering real security.

Honestly, I’m keeping the list of horrible behaviors that our industry has seen to a minimum so as to not horrify our readers.

If you’ve been in this industry for many years, you know that much worst happens.

The good news is that our industry is well aware of these issues and is changing:

  • Women and people of all ages and backgrounds are joining and contributing to our industry
  • Diversity of thoughts, approaches, and ideas is seen as more important than any elitism
  • Helping people is the mandate of our industry. That means teaching, guiding, mentoring and advising.
  • Social etiquettes are enforced by the community (e.g. no drinking at conferences, no online bullying etc.)
  • Content and people are becoming more accessible for anyone who wishes to learn

We’re still far away from what I would consider being a welcoming and warm industry where people of all walks of life can feel safe and supported by the community.

If this blog post resonates with you, then I would like to invite you to become champions of a thriving cyber security culture. One that is all-inclusive, open-minded, of service, and that takes a stance against unacceptable social behaviors.

Some very simple things that any champion can do:

  • Work at being open-minded every day. Everybody has a place in this industry. It’s not because you don’t understand or disagree with a person’s approach that your ways are superior.
  • Teach others, even if you are a beginner. We need to train 3 million cyber security professionals over the next 10 years, one person at a time.
  • Raise your voice. When you notice online bullying. When you hear unacceptable comments. When you see unacceptable behaviors.
  • Be of service. The mandate of our industry is to help. Any help you gives makes the world a better place.

Benjamin Mossé