If you watched the Emmys last month – or, if you’re like me, watched the clips on YouTube afterwards – you probably caught the opening number in which Kate McKinnon, Kenan Thompson and others reflected on the diversity of this year’s nominees. “I’m going to go ahead and say it; we solved it!” joked Thompson about representation in television, before launching into a full song and dance parody, which naturally ended with the realization that they had not, in fact, ‘solved’ diversity, but that they had a “long way to go.”
Like television, cybersecurity has also not ‘solved’ its diversity problem, and we too have a long way to go. One area we certainly haven’t solved is conference speaker lineups where you’ll often find ‘manels’, or mostly-white-male keynote line-ups.
Even if we haven’t solved it, it’s worth highlighting some of the efforts to improve and shed more light on the roots of problem. Non-profits, individuals and some conference organizers are tackling the issue in different ways but with the same goal: to improve speaker representation. What are they doing? What can we emulate? Where do we need some help?
Conference Attendance
If people from under-represented backgrounds aren’t attending security events, are they likely to want to speak at them, or even realize that it’s a possibility? It’s been heartening to see organizations like Women in Security and Privacy help fund women’s attendance at DEFCON and Black Hat. It’s also not uncommon to see individuals on Twitter offering up extra tickets (or tickets they can’t use) to conference newbies or to people from disadvantaged backgrounds.
Introductory Speaking Opportunities
My first conference speaking gig – at a local conference in Boston – was a co-presentation with an experienced speaker and mentor. Until that point, I hadn’t really considered speaking; I’m not sure I’d ever submitted to a call for speaker proposals. However, my co-speaker guided me through the process, and I discovered that I enjoyed it and wanted to do it again.
It’s been encouraging to see more speaking opportunities targeting first time speakers (BSides Las Vegas Proving Ground matches new speakers with mentors) and speakers from diverse backgrounds (I’m a huge fan of the Diana Initiative, which I spoke at in 2017). Local meetups are another good introductory opportunity, though that depends a bit on the meetup organizers. For those wondering how to get more women to your events: invite women to speak and support them when they do.
The Role of Allies
A number of men have pledged to not participate in ‘manels’. This is a pledge that’s not limited to cybersecurity by the way; the spiritual leader at my house of worship made the same commitment. While I have, on more than one occasion, approached a conference or event about a lack of diverse speakers, it sure helps when male allies do it too, and it really makes a difference when they take a stand and give up a speaking gig to make room for someone from an under-represented group.
This would never have happened five years ago; today, it’s a pleasant surprise; my hope is that with the precedent set, others will follow the example.
The Sponsorship Conundrum
On a couple of occasions, I have spoken up to conference or panel organizers about a lack of diversity, and in the follow-up conversations and in conversations with other conference organizers, I discovered that some events were hamstrung by their sponsors. Many conferences and events offer keynote slots or panel participation to their top sponsors; this is often a necessary way to fund the event. Sponsors, after all, want some exposure for their money, but the downside is that the conference organizers lose some control over the speaker roster.
If half of the keynotes are sponsored, and if the sponsors all send men to do the keynotes, as happened at one major conference last year, the organizers are beginning the diversity race five yards behind the starting line.
Certainly, conference organizers bear ultimate responsibility for their speaker lineup. They also need enough money to put on the event, and sponsors like speaking slots. However, sponsors only send one speaker, and they probably don’t consider how that person fits into the overall conference lineup.
Would this be an issue if there were more women in cybersecurity so companies had more women to choose from to send to sponsored speaking gigs? Nope. Is there anything conferences can do to incent sponsors to send more diverse speakers? That question deserves more debate than we have time for, but I’m heartened that we’re starting to ask.
Cue the Dancers?
Not yet, but I appreciate those taking action to bring more women and under-represented groups to events, those encouraging new speakers, and those making personally uncomfortable decisions or asking hard questions about current structures. It’s a multi-pronged problem, and we all have our roles to play if we really want to ‘solve it’.