“Sometimes it is the people no one imagines anything of who do the things that no one can imagine” Alan Turin

Recently, I attended The SASIG Equality, Diversity and Inclusion conference and listened to some wonderful presentations from professionals who are committed to creating inclusive environments. I don’t claim to be a security expert but I do have a good grasp of diversity and inclusion. The speakers painted clear images within their talks which resonated with their audience and it is this that has inspired my blog.

Diversity in cyber security

Square Peg Round Hole

The keynote presentation was from Lord Lieutenant Ken Olisa who shared his personal experience of racial stereotyping and assumptions. In his closing remarks he beautifully referenced the scene in Apollo 13 when the crew and ground engineers are tasked with fitting a square peg into a round hole.  This example demonstrated the value of having a diverse team with a range of creative approaches provides a wider pool of solutions and more successful. This theatrical example resonated with the audience, many of whom were familiar with the scene and others who were familiar at least with the phrase “square peg, round hole”.

Diversity is key to success

There are endless dramatised examples of how genius can be found when we embrace difference. One particularly relevant example is Benedict Cumberbatch’s performance of Alan Turin in the Enigma Code. Alan Turin’s sexuality and eccentricity meant he experienced alienation and persecution yet his skills in maths and logic were pivotal in defence during the second world war and have left us with the modern computer. His work on artificial intelligence formed the foundation of CAPTCHA technology which is a familiar part of our day-to-day cyber security. At Bletchley Park, home to the WW2 Codebreakers, text from the exhibition reads: “Bletchley’s codebreaking success came not in spite of people’s differences, but because of them. It’s a compelling role model for the power of diversity that resonates still today.” (full quote above). If diversity is not embraced then the talent pool is limited and without inclusion the team fragments.


McKinsey has been examining diversity in the workplace for several years. Their report on Diversity Matters states that “Companies in the top quartile for racial and ethnic diversity are 35 percent more likely to have financial returns above their respective national industry medians” and “Companies in the top quartile for gender diversity are 15 percent more likely to have financial returns above their respective national industry medians.”

So why are businesses struggling to improve their diversity and inclusion when it’s clear it could only strengthen their teams and improve their finances? Rogero Rizzi claims this the main barrier is unconscious bias and how employers often subconsciously create an image of what an ideal candidate looks like “very often people involved in the hiring process tend to opt for candidates that look and think like them or have a similar background.”


Significant funds are being invested in cybersecurity to improve diversity and inclusion. SASIG’s second conference on the topic of Equality Diversity and Inclusion explored some of the initiatives in place to diversify teams. One initiative worth mentioning is Code First: Girls, a social enterprise set up to encourage young women into coding and tech sector work. They are aiming teach 20,000 women to code by the end of 2020.

“11 to 24% in two years Proportion of cybersecurity employees who are female” Source: IC2

Take action to create diverse and inclusive workplaces

In conclusion diversity and inclusion is good for business and should be high on the agenda.  In order to keep a diverse population secure online we need a diverse pool of security professionals who can use their creativity and difference to work together and deliver a solution that meets the diverse needs of the global population.

Businesses need to be more aware of possible unconscious bias in recruitment and ensure they have established an inclusive culture to ensure they retain their diverse staff team. They can achieve this through research, climate assessment and tailored training carried out by external training providers like The Garnett Foundation.   They should seek opportunities to join with organisations that are striving to improve access, like Code First: Girls and take advantage of the diversity in their teams.

Mary Mobbs-Beal