Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

Why Diversity of Thought in the Workplace Matters

Organizations Need Strong Leadership Backing in Order Train Managers on More Inclusive Management Styles

Organizations Need Strong Leadership Backing in Order Train Managers on More Inclusive Management Styles

Workplace demographics have evolved greatly in the past half century with women and minorities represented in much larger numbers than at any time previously.  Gender, age, and ethnic diversity – among others – have become valued benchmarks for companies in gauging whether employee talent and executive leadership adequately reflects the overall population.  Diversity is clearly good for business, but for reasons that go far beyond optics or good PR.  Simply put, the more diverse your workforce, the more diverse their perspectives. Hiring people of varied backgrounds and views generates the kind of thoughts and ideas vital to working smartly and quickly, which is especially important in the cybersecurity industry where discerning an attacker’s motives and strategies is critical to staying one step ahead.

Cyber intelligence tradecraft is an integral component of cyber security. Security analysts daily collect and interpret data to direct strategic decisions and inform leadership. Successful cyber intelligence programs successfully synthesize data, research, trends and techniques to build useful actionable intelligence. However, doing this effectively requires that analysts interpret new evidence free from any cognitive bias that could lead to conclusions confirming existing ideas and positions. 

Cognitive biases are mental shortcuts made to quickly process information and decide on an action. Not every cognitive bias leads to bad decision making, but many can. In fact, hackers and threat actors bank on cognitive biases to get their targets to download malware or give up protected data. Some examples of common cognitive biases include:

• Automation bias: Overly relying on automated systems to generate information and guide decisions. 

• Confirmation bias: Interpreting, focusing on, or recalling information that confirms preconceptions. 

Advertisement. Scroll to continue reading.

• Selective perception: Letting expectations affect perception. 

• Zero-risk bias: Preferring to reduce a small risk completely rather than reducing a larger risk by a bigger overall margin. 

Maintaining objectivity and guarding against biases and reflexive group think is especially important to security analysts tasked daily with evaluating an ever-increasing amount of complex data.  Distributive decision-making can help reduce cognitive biases that may lead to limiting group think, while building a diverse workforce of people with a multitude of different characteristics is a natural way to ensure diversity of thought.  The more unique the experiences/backgrounds of the analysts who comprise your security team, the better and more comprehensive their ideas, intelligence and analysis are likely to be.

A Deloitte University Press GovLab report (PDF) points out that by increasing diversity of thought, employees are less likely to disregard new information or be afraid to challenge the status quo. Employees will feel safer to present new ideas and, more importantly, to disagree. In turn, this may also lower cognitive dissonance (e.g. believing one thing, but doing the other). The report details the many benefits diversity of thought may offer organizations broadly, and by extension security teams specifically, noting that “Even the slightest nuance of one worker’s thinking, if appropriately harnessed, could bring value to the organization.” such as:

• Guarding against groupthink and expert overconfidence leading to more thorough and innovative information processing. 

• Increasing the scale of new insights to connect multiple tasks and ideas together in a new way. 

• Helping organizations identify the right employees to align individuals to specific teams and jobs where their unique skills would be most beneficial. 

Ultimately, diversity of thought fosters psychological safety, which is a shared belief among teams that they perceive they are safe to take risks, and is one of the core indicators of highly effective teams. While the benefits of promoting diversity of thought are clear, it’s not easy to make these changes. 

Organizations need strong leadership backing in order train managers on more inclusive management styles and reconsider their organizational policies to ensure they cater to a diverse workforce. As a service-based company, we value constructive conflict, differences in opinion, and promoting the unique backgrounds and traditions our workforce brings. These diverse teams not only allow us to harness different skill sets for cybersecurity’s unpredictable moments, but are instrumental in getting the “best” out of our employees, not just the “most.”

Written By

Alastair Paterson is the CEO and co-founder of Harmonic Security, enabling companies to adopt Generative AI without risk to their sensitive data. Prior to this he co-founded and was CEO of the cyber security company Digital Shadows from its inception in 2011 until its acquisition by ReliaQuest/KKR for $160m in July 2022. Alastair led the company to become an international, industry-recognised leader in threat intelligence and digital risk protection.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

Mark Carter has been appointed Chief Information Security Officer at Socure.

Spektrum Labs has named Mark Cravotta Chief Operating Officer.

More People On The Move

Expert Insights

Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.