Seen & Heard: Notes on Diversity, Equity & Inclusion in Cybersecurity from the RSAConference© 2019

For the last several months, I’ve collaborated with a team of people to produce articles for the RSA Conference© 2019 blog.  A key member of that effort is Lisa Rothstein who was gracious enough to join us at RSA Conference© and use her sketch noting talents to document several sessions.  So many people were blown away by her ability to capture hours of content in a very readable and visual format that we left the notes up on the wall on the 3rd floor of Moscone West where people took selfies with the notes, much like the one below.

Since Lisa is such a gifted artist and listener, and is a first-timer to this conference I asked her to share her perspectives in the following article.

Thanks for reading our articles and enjoy!!


In my work as a messaging strategist and brand storyteller, I specialize in extracting and articulating the essence of what’s being said.

At the RSA 2019 conference, I saw and heard a lot about Diversity & Inclusion, and took visual notes.

Here are some of my key takeaways.

The event featured more women, more cultures and more conversations around #DEI

Previous conferences were criticized for being too insular, too male, too white, in an age where not only is that kind of homogeneity no longer ok on a social and equity level, but the talent shortage in cybersecurity requires more people, from all genders, cultures, ages and backgrounds, to solve it.

RSAC got the message.

This year’s conference had more diverse speakers and discussions around diversity in the industry were front and center.



Cybersecurity is losing women faster than they can hire them

The talent shortage is real — and worse because even once hired, women don’t stay. In Deirdre Diamond’s session we heard a lot of grim stats, among them that only 14% of women remained in Cybersecurity five years or longer. This contributes to fewer women in leadership, which makes the environment less hospitable to new female hires, who leave, and the cycle continues.




According to Elaine Marino, (CEO of and founder of LadyCoders Conference in Denver) women still get most of the “housework,” like taking notes in meetings, and less of the opportunities to shine that lead to promotion.  This perpetuates the impression that their careers are going nowhere, and lowers incentive for them to remain. Cybersecurity needs to stop this leakage as much or more than it needs to fill the bucket.


Men must be part of the solution.

James Gordon of Intel Corp. has a lot to be proud of. The initiative he headed to promote diversity, equity and inclusion at the company hit its first target ahead of schedule, and now Intel’s workforce has already increased its female representation 8.5% while also boosting under-represented minorities by +17.7%, African Americans by +31.4% , Hispanics by +10.8%  and Native Americans by +40%!

He is a firm believer that diversity allows Intel to better serve its customers. But it’s not enough to hire more women, or to make speeches about diversity. Men in tech need to take positive actions to make sure women belong and succeed. Along with Karen Worstell of Mojo Maker, Gordon coined the slogan #BeAnAlly to exhort more men to step up and actively participate in the effort to balance the scales in tech.





Women need to be bold and claim the spotlight for themselves

Women who want to prevent being overlooked in their careers can take matters into their own hands. At the “She Speaks Security” panel, (featuring Joyce Brocaglia, EWF; Elena Elkina, WISP; Andrea Little Limbago, Virtru; Mari Galloway, WSC; Jessica Gulick, WSC And Bobbie Stempfley, WSC) I heard a host of useful tactics for women on how to use public speaking to raise their profiles in their organizations and the industry as a whole. While tech conferences are often accused of fielding all-male panels and keynotes, women can’t get on those stages if they’re not applying to speak. As the moderator of this all-female panel stated, “It’s not an option for women to sit down and be quiet.”



A commitment to Diversity & Inclusion improves life and work for everyone.

With its nonstop crisis mode, the impression of ever-growing threats, long hours and a culture that has celebrated those “who can take the heat”, Cybersecurity is a breeding ground for burnout. Women, who often still bear the majority of family responsibilities for both children and elderly parents, have it even rougher, which contributes to their dropping out of the industry at twice the rate of men. By taking steps to improve life for everyone — for example providing both maternity and paternity leave, floating holidays that people of different faiths can use as they choose, and flexible hours for caretakers of aging relatives, companies make their workplace at once more equitable, more inviting to diverse talent and better overall.



Diversity of Experience & Thought = More Creative Thinking

Emily Heath of United Airlines made a passionate and convincing business case for the positive business effects of hiring diverse talent, separate and apart from any moral or social considerations . At United, they recruit for the ability to solve specific problems, and search for out-of-the-box talent that bring a wide array of life and professional experience and creative ideas to the table. This has allowed her team to springboard innovation, while increasing its female representation to 46%.


I also heard some challenges.

Some men think the diversity issue is “solved.” 

I heard this from well-meaning men and from other women who reported what they’d been hearing in their workplaces. Because women and minorities are now being seen more in the workplace, there’s an attitude among some men that diversity and inclusion are no longer an issue. These impressions are purely anecdotal, however, as women still only comprise 18% of all technical roles, and very few are in leadership roles, especially in tech companies.

Men who want to #BeAnAlly need to know HOW.

Even for men in tech companies who buy into the concept of supporting women in their organizations, it’s sometimes hard to navigate between being helpful or intrusive. And it’s hard to know exactly what actions they can personally take. Companies can’t expect men to “just know” what to do; specific training and dialogue are needed. Steps like taking responsibility to actively sponsor an individual woman on their team, and asking ahead of time whether their presence will be welcome at an all-women’s conference, for example, and how they can best support it, are the kinds of practical actions that can help men #BeAnAlly.



Diversity & Inclusion efforts can’t begin and end with recruitment.

I repeatedly heard that many companies were “ticking the box” by hiring diverse talent, but then leaving them to shoehorn themselves into a culture that didn’t help them belong, or making them the de facto poster child and go-to person around diversity at the organization. For better performance and retention, companies need to take active steps in the onboarding process to make new hires feel an integral part of the team, not a token.  As Elaine Marino of LadyCoders Conference says: “Diversity is like being invited to the dance, inclusion is being asked to dance, and equity is knowing all the songs at the dance.”


Unconscious bias is everywhere.

Companies need to be ever-vigilant around its language (is “compassionate” more likely to be attributed to a female, while “decisive” more to a male?)  its recruiting practices and even its perks and rewards to counteract and prevent unconscious bias from repelling diverse talent or stopping them from being considered in the first place. Individuals who see it need to call it out, and we all need to acknowledge it ourselves. It’s likely to be a long process, but with practice, more companies will begin to recognize it and root it out.

Conclusion: On the right track, and not there yet

Overall, from what I observed, the trend toward diversity, equity, and inclusion in Cybersecurity is encouraging. More large companies are talking about it, and some, like Intel and United, are taking real, visible, significant steps to improve, and are seeing the benefits. The challenge for the industry may be to avoid becoming a victim of its success — by interpreting early signs of positive change as equivalent to having reached the goal.  And as time goes on, companies need to share more stories of success –and yes, data — that highlight the positive effects of a more diverse workforce. As I’ve found with my visual notes, once people can see an idea, they’re more likely to understand, remember, and act on it.


This series is the collaborative work of  Karen Worstell, CEO of W Risk Group and founder of MOJO Maker for Women in Tech and Elaine Marino, CEO of Equili and founder of LadyCoders.  We’re using our combined decades of experience as women leaders in Tech to bring you actionable, executive level strategies that you can use to build, develop, and retain your talent in an intentional way that contributes directly to your bottom line AND advances your company capacity for innovation and increase productivity. That’s what our initiative “Solving the CyberSecurity Talent Crisis” for RSA® Conference 2019 was all about.  Follow us online, and let us hear from you! Learn more at or engage with us on Twitter at @karenworstell.

Lisa Rothstein is a brand storyteller who helps tech companies craft messages that inspire action and fierce loyalty in customers and internal stakeholders alike To receive a copy of all of Lisa’s visual notes from the RSA 2019 conference, or for more information, email or contact her through her website

Find more information about the RSA® Conference 2019 or to share the shorter blog published by RSAC click here

No Comments

Post a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.