Cybersecurity

Embracing DE&I Intersectionality: A Catalyst for More Effective Cyber Incident Response

Jon Krabacher
November 7, 2023
6 min read

At a glance

The big picture: The role of a cyber incident responder is more critical than ever as these professionals are tasked with protecting organizations from cyber threats, mitigating risks and minimizing the impact of security incidents.

Why it matters: One of the often-overlooked aspects of becoming a better cyber incident responder is the integration of diversity, equity and inclusion (DEI) intersectionality into the responder’s mindset and approach.

 

The role of a cyber incident responder is more critical than ever as these professionals are tasked with protecting organizations from cyber threats, mitigating risks and minimizing the impact of security incidents. As cyber threats continue to proliferate, targeting organizations of all sizes and sectors, it is imperative for cyber incident response (CIR) teams to be well prepared at mitigating threats. One of the often-overlooked aspects of becoming a better cyber incident responder is the integration of diversity, equity and inclusion (DEI) intersectionality into the responder’s mindset and approach. DEI intersectionality can translate to more effective and empathetic cyber incident responders and, as a result, increase the overall effectiveness of any CIR program.

What is DEI intersectionality?

DEI intersectionality is the interconnectedness of various aspects of an individual’s identity, including but not limited to race, gender, sexual orientation, age, disability and socio-economic background. One of the primary benefits of incorporating DEI intersectionality into CIR teams is gaining a broader understanding of diverse perspectives. Cyber threats and security vulnerabilities affect individuals from all walks of life, and their experiences and concerns vary greatly. A cyber incident responder who recognizes the importance of DEI intersectionality is better equipped to appreciate the unique challenges faced by different groups within an organization or society.

Communication and collaboration

Effective communication and collaboration are crucial components of successful incident response. DEI intersectionality can improve communication by fostering an environment where all team members feel valued and heard. When team members come from diverse backgrounds and bring unique perspectives to the table, they can contribute different insights that lead to more effective CIR strategies. For example, a CIR team with various technical backgrounds (IT infrastructure and networking, threat intelligence, security operations, law enforcement, etc.) can leverage that diversity as cyber incidents overlap into various domains. Furthermore, a diverse team of cyber incident responders can connect with a broader range of stakeholders within an organization. They can better engage with employees, executives and clients from various backgrounds, making it easier to convey the importance of cybersecurity and compliance measures. This improved communication can lead to stronger relationships and more robust security practices.

Problem solving and bias mitigation

Cyber incidents are multifaceted, often requiring creative and adaptable solutions. A diverse team of responders, each bringing their unique perspectives and skills, can brainstorm innovative solutions more effectively. DEI intersectionality fosters diversity of background, experience and thought, which can significantly enhance a responder’s ability to tackle these challenges. Diverse teams bring a broader range of ideas and approaches to the table, leading to more innovative and effective solutions.

Embracing DEI intersectionality also plays a crucial role in reducing biases in incident response. Unconscious biases can influence decision-making; leading responders to jump to conclusions, make false assumptions and waste valuable time. A responder who practices mindfulness of their own biases is better equipped to recognize potential biases in their team’s decisions, is better equipped to make impartial judgments, and ensures a more defensible incident outcome. During a cyber incident, being able to step back and differentiate what are facts (based solely on data), what is an assessment (based on limited data, intelligence and/or experience) and what are feelings (not based on data, intelligence or experience) is imperative for defensible incident response. Encouraging individuals to question assumptions and consider alternative viewpoints is invaluable in cybersecurity, where threat actors constantly adapt and evolve. By embracing a variety of perspectives, responders can better anticipate emerging threats and stay one step ahead of cyber threat actors.

Empathy and resilience

DEI intersectionality can also foster empathy and resilience in cyber incident responders. Understanding the intersectional experiences of others can lead to a greater sense of empathy and compassion, which are essential qualities for dealing with the aftermath of a cyber incident. The ability to adapt and respond effectively to cyber incidents often requires resilience. Often cyber incidents can last weeks, with long working hours, time away from family and friends and meeting people for the first time under the most stressful of circumstances. Cyber incident responders who embrace DEI intersectionality are better prepared to approach incidents with an empathetic mindset, adapting their strategies to address the unique challenges presented by different incidents and impacted groups.

Moving the needle

So where do we go from here? As the cyber threat landscape continues to evolve, incident responders must evolve as well. Embracing DEI intersectionality is a powerful step toward becoming a more effective cyber incident responder and strengthening the overall team. Here are some actionable steps to integrate DEI intersectionality into a CIR approach:

  • Invest in DEI training and education. Understand the unique challenges and experiences each individual brings and foster an atmosphere of empathy and inclusivity so that others feel comfortable sharing their stories.
  • Encourage and promote diversity within the incident response team. A diverse team brings a variety of perspectives and skills to the table, enhancing problem-solving capabilities.
  • Review and update incident response plans to ensure they are inclusive and considerate of the intersectionality of those affected by cyber incidents.
  • Continuously work on recognizing and mitigating biases in decision-making processes. Encourage open discussions about bias and assumptions within the team.

Embracing DEI intersectionality has the potential to transform cyber incident responders into more effective, empathetic and inclusive professionals. By understanding the diverse identities and experiences of victims, perpetrators and responders; incident responders can better assess threats, communicate more effectively and develop more inclusive response strategies. Embracing DEI intersectionality is not only a moral imperative but also a strategic advantage in the complex and ever-changing cybersecurity landscape.

To explore similar topics around diversity, equity and inclusion in the cybersecurity space, read our blog series on diversity in cybersecurity.

Read the results of our 2023 Global IT Executive Survey: The Innovation vs. Technical Debt Tug-of-War.

To learn more about our cybersecurity solutions, contact us.

Jon Krabacher

Associate Director
Security and Privacy

View all posts

You may also like

Subscribe to Topics

Protiviti Technology Follow

Protiviti leverages emerging technologies to innovate, while helping organizations transform and succeed by focusing on business value.

ProtivitiTech
protivititech Protiviti Technology @protivititech ·
18 Apr

Learn more about what GRC Managed Service is and what it can do for SAP S/4HANA and SAP cloud solutions in the latest #SAP Blog post. https://ow.ly/OMaL50RfsHw #ProtivitiTech

Reply on Twitter 1781035159438954997 Retweet on Twitter 1781035159438954997 Like on Twitter 1781035159438954997 Twitter 1781035159438954997
protivititech Protiviti Technology @protivititech ·
17 Apr

Protiviti is a proud sponsor of ServiceNow Knowledge 2024—a three-day conference all about #AI. Stop by our booth (#2503) to visit with our team and learn how the #ServiceNow platform makes business transformation possible. https://ow.ly/qa6p50Rh9wf

Reply on Twitter 1780627914964308382 Retweet on Twitter 1780627914964308382 Like on Twitter 1780627914964308382 Twitter 1780627914964308382
protivititech Protiviti Technology @protivititech ·
16 Apr

What is #DesignThinking? Could it help your organization? Find out how Protiviti uses it to help clients build net new applications and modernize legacy systems. https://ow.ly/fMK550Rfsoi #ProtivitiTech

Reply on Twitter 1780204913663873376 Retweet on Twitter 1780204913663873376 Like on Twitter 1780204913663873376 Twitter 1780204913663873376
protivititech Protiviti Technology @protivititech ·
15 Apr

Join our May 2 webinar designed for privacy and security professionals seeking to navigate the intricate nuances of data governance within the ever-evolving global regulatory landscape. Register today! https://ow.ly/hzrG50R4fTX #ProtivitiTech #DataPrivacy

Reply on Twitter 1779872392535212145 Retweet on Twitter 1779872392535212145 2 Like on Twitter 1779872392535212145 1 Twitter 1779872392535212145
protivititech Protiviti Technology @protivititech ·
12 Apr

The latest Technology Insights Blog post offers insight into the unique risks associated with Large Language Models (LLMs) and how to establish strategies to mitigate them. https://ow.ly/q3w550RfbXm #ProtivitiTech #TechnologyInsights

Reply on Twitter 1778890996282982442 Retweet on Twitter 1778890996282982442 Like on Twitter 1778890996282982442 Twitter 1778890996282982442
Load More