The Ripple Effect: Building a Diverse Security Research Team

Conference:  BlackHat USA 2021



Creating a diverse and inclusive team in cybersecurity and DevOps requires addressing unconscious bias in recruitment, providing on-job training, and fostering a knowledge-sharing culture.
  • Addressing unconscious bias in recruitment by reformatting job descriptions, reaching out to women in tech communities, and posting separate job listings for different levels of experience
  • Providing on-job training by assuming knowledge gaps, creating a safe and supportive learning environment, and allowing new hires to prove themselves over time
  • Fostering a knowledge-sharing culture by splitting tasks equally, setting aside competition, and creating standard platforms for knowledge sharing
The speaker shared how they increased the number of women applicants from 2.5% to 50% by reaching out to women in tech communities and posting separate job listings for different levels of experience. They also emphasized the importance of creating a safe and supportive learning environment for new hires and fostering a culture of knowledge sharing within the team.


Achieving a diverse, inclusive team which is a dream to work in was not a short journey. It took time and was well worth the effort. While the industry numbers paint a gloomy picture for gender equality and representation, we successfully built a thriving diverse team of hackers with equal representation.There were no misogynists, sexists, or toxic culture of any kind on our core team. Yet initially, it consisted entirely of men and no women. There was an unconscious bias that kept us in this state. We will share our journey to reveal and measure this bias and to ultimately increase female representation from 0 to 50%.According to the Global Gender Gap Report 2020 (by World Economic Forum), it will take on average more than 100 years for women to reach gender equality. This is unacceptable and we can and must make it happen sooner.Our hope is to share some tools with allies attending Black Hat to help make the change on their teams as well (tools for team members, leaders, and upper management alike). Incidentally, the same tools had not only created a more inclusive environment, they have also improved our R&D team atmosphere and deliverables.This is not a technical talk. You won't learn the bits and pieces of a fancy protocol or internals of an OS. It will however improve your team's technical skills by fostering a healthy environment to work in.