Hello and welcome. I'm Rose Calzado.I'm currently the head of cybersecurity supply management at Fidelity International, and I'm very excited to share my nearly twenty years experience on diversity and leadership in security, in cybersecurity, where I have worked all my career. Diversity is an area very close to my heart. As a Venezuelan who came to London at a very young age with my family and I'm a female in technology. I want to start by grounding us in a simple truth. Cybersecurity today needs a diverse perspective because it's not optional. It's essential. The threats we face are evolving rapidly and so must the way we think, lead and protect. This session is about more than just representation, it's about how inclusive leadership and diverse teams actually drive better outcomes.

When we bring different life experiences and ways of thinking to the table, we unlock new ideas, change assumptions and build more resilient systems. So let's explore what it really means to write as a collective and why doing so matters now more than ever. The importance of diversity in cybersecurity. So, let's discuss first of all, what are the challenges in cybersecurity today? Every day there are relentless streams of new and increasing sophisticated threats. Attackers are leveraging advanced technologies, including AI, which is changing the game. To automate and isolate exploitations, all these threat actors are using a variety of technologies. This has created a scenario where we, as professionals, are constantly reacting, often overwhelmed by the volume and complexity of the threats to our all of our environments. So cyber threats are the best, so our team should be too, it's a no brainer.

The best teams bring different ways of thinking, which help us spot risk others might miss. Inclusion plus innovation. When people feel included, they're more engaged and more likely to contribute to bold, innovative ideas. That's not just good for culture, it's good for security. Leadership sets the tone. Leadership plays a critical role when leaders prioritise inclusion. It becomes part of how we work, how we lead, and how we protect. Inclusive leadership fosters an environment where individuals feel empowered. Let's discuss the importance of diversity in our teams. There are many types of diversity today. We are going to concentrate in gender diversity, racial, neurodiversity and social mobility. However, all the advantages we are going to discuss will benefit the whole of the organisation because we are all, at the end of the day, human, and we're all unique.

Some of the advantages per time, embracing gender diversity, promotes a balanced approach to problem solving, encounters encourages diverse view port points. As a female in technology, it's like the book Men are from Mars and Women are from Venus. I'm sure all of you here today have felt that way sometimes in your career when we feel like we are from different planets. Cultural and racial diversity brings a very experience and ideas, embraces creativity and innovation. Due to the by due to the vast micro background, it's a no brainer. Anilodiversity, new type of diversity is being, understood in the world right now that offers unique problem solving skills, improves team dynamics and performance. Social mobility provides opportunity to underrepresented groups, talent that was untapped before, fosters a more inclusive work environment.

Embracing diversity's perspectives can provide strategic advantages, drives team success, and fosters individual growth in security. There are studies that show that diverse teams are more successful. There are many of them. And how can a diverse team kind of impact the way we work? So let's start with empowers diverse, diverse thinking. What is diverse thinking? Inclusive leadership makes a space for different voices to be heard. Because in cyber, those diverse perspectives help us to spot risk earlier and responds with more creativity. I have a great example that from the team I worked previously. There was a cybersecurity team, at CDRs, Center of Defense Operations, make up of people from different cultural backgrounds, and one of them was neurodivergent. During a threat modeling session, the neurodivergent analyst came up with an approach to to anomaly detection that no one had considered.

The idea led to the development of a brand new detection algorithm. It it was recognized by peers in the industry, had white papers written about, and also save a lot of work internally on detection and also reduce false positive as we know in cyber how how much work we do in order to try to avoid avoid false positive in in order detection systems.

It fosters psychological safety. What does that mean? When we lead with empathy and create a space to open, honest conversations, people feel safe to speak up. And what that means, collaboration flows and problem solving gets a whole lot more creative. There are many examples of when you try to create new systems and you open the conversations, and by adding people in different roles, processes improve, you you mold how the the the team operates, and it is truly empowering. Inclusive leadership and diversity initiatives. So let's talk about my experience, how I got here. I'm not from HR. I don't work in the in in the in the diversity programs or diversity, shaping organizational diversity. That's not my role. I am a I started as a security consultant, manager, now head of teams in cyber, always since university.

But I always found a way to influence change in every organization. In this slide, there are examples of initiatives that I have participated, championed throughout my career. I segmented them in the employment life cycle because it's easier to follow, but I'm going to discuss them in the way that I experienced them and how that made me grow in different areas because it was very organic how I got to be involved in different in all the different areas.

So I began my career in sorry. Growing Leaders in the UK government. When I was in that company, that was my first exposure on structure diversity and leadership development. Never never had to think about it before that. That was what allows me. What was still doing my degree. At first I'm sharing the importance of inclusion and the barriers many people encounter throughout their careers, because there were people from different ages and different walks of life. That set me up in a path of success, giving me the tools I needed for the rest of my career. Following that role, I joined one of the next one of the big fours as a security consultant And I noticed that I was often the only women in a lot of the rooms or even in, in the client side and on them from in the consultancy side of things. Experience drove me to champion initiative for women in cyber and tech.

I participated in mentorship programs and body system for new female recruits that really help building a support network right from the start of these new employees because they have the support. Then when I started doing recruitment as a manager, I noticed in the analyst recruitment, focus on the narrow set of universities. Myself did my degree part time, and my own university wasn't part of the universities that were targeted. That was an eye opener. A champion partnership with HR to expand the outreach to include a wide range of universities. I did, analysis of all the universities that have security programs, but my aim was to outreach to as many people as we come from different different backgrounds. I work alongside peers to deliver security presentations to these universities and ensure we attend their career fairs to attract diverse talents into security roles.

When people see when HR sometimes go out, they won't be able to advocate for your company the same as you or people from your teams. Or, when people see people like them in their teams and they hear different stories, how they are got there or different stories of how they're working, it really attracts the best talent because it becomes employment is not a one way street anymore. It's a two way. It's a relationship, employee, employee and employer. In another organization, I developed recruitment strategy aimed at creating the best panels to avoid biases. This actually was gave me my, I was shortlisted for the woman and IT awards. My first recognition in woman IT awards was to actually work in diversity. I I keep that with a lot of pride. Then, while working in different organisations, I also started seeing the challenges of retention. It is cybersecurity is a hot topic. It's a very especially in Europe and in UK, which is where I have my experience, but I work in global teams, and we have those challenges everywhere.

In one of these companies, I created graduate roles in my team for people in that company. Graduates will, go around in six months placements. So I created one structure with that learning path that made them, their graduates feel empowered and learn a lot of security skills. I'm very happy to say a lot of those graduates came back to the cyber team after graduation for permanent roles, and some of them are very, successful cyber professionals today. Other areas I worked very tirelessly was understanding people's, personality styles. It is about diversity, but it really was an eye opener how different analyticals drive express expressive and will work together in an agile environment. That really gave me the the vindicated to me the importance of diversity and how we can take advantage of to improve productivity because it foster everybody will, have task with their strength, but also encourage development in other areas.

And most recently, an area that is very close to my heart now, created, a framework for assessing companies' neurodiversity maturity for recruitment and retention. I'm part of the neurodiversity work stream at my current company, and we are in a very early stage of improving the what neurodiversity means and how we can tap into that talent, what it means for cyber. But so far, we have great success stories about, many, many peep employees, getting, diagnosis later in life and the changes it has made to their life, understanding themselves and also, the changes they can do to their work life. So I'm going to move to the strategies to embrace and diversity in cyber security from my experience And what I did is put them again in the employment life cycle, but with actionable actions that anybody can take, start improving in their own companies. If the it doesn't have to be a a a a 100% of as you as you saw from my previous my experience, I started very slowly just looking at areas I could tackle and the areas I I could, influence. So if we incorporate diversity into the cyber, into the cyber talent pipeline, as we know, it's very difficult to obtain cyber talent today, so open nontraditional pathways to employment.

We try to look at candidates from non cyber backgrounds, apprenticeships, and look at educational institutions with various cyber programs, not just degrees. There are a lot out there. Collaborate with HR to reach to this organisation. Talk to your HR about what agencies, how do how they are reaching to these employees to these new employee new employees. And the most important if you want to take one takeaway is create inclusivity of descriptions. Implement best practices for females, for neurodivergent, for different people of different backgrounds. It has there's so many studies If a female sees too many bullet points and can't having experienced all of them, they will not apply for that role, so try to make it inclusive. Inclusive, develop inclusive hiring and promotion practices. Have a look at your inter in in the, interview pan interview panels. Add people from different roles because that will really, help the hiring manager see a different, a different perspective of the person. And, also, remember, they forms a halo effect.

Sometimes people make up their mind within two minutes of meeting somebody, so having different people will help shape that that perception. Train managers, manager training for everything, for how to treat their how to treat their teams, which it will make them a more inclusive manager for everyone, not just for the not for just diversity. I had a presentation for Wells Fargo which actually had loads of case studies on how managers became better managers. Value potential, look outside the box, not, as I said before, not just, degrees, look at people's experiences and what they can bring to the table. I'm just going to, and the rest is that we spend before, make a strategy, advocate for diversity as a security asset, and I wanna leave you with this, well, this name, quote. The way to get started is to quit talking and be begin doing. Anybody can do it. Thank you for oh, no. Sorry. Sorry. I just got confused.

I got the phone on my minutes, so I'm doing well. So taking the this has been a personal mantra of mine for years. We talk about diversity for a long time, but real impact comes from action. This is just about representation, it's about building stronger, smarter teams. We embrace diversity, when we embrace different perspectives, cultural, gender, neurodiverse, and different backgrounds, we unlock real value. It's time to move from good intentions to mini meaningful change. So if we go back to the slide I'll rush through because I got confused with the timing. I want to finish my my my my train of thoughts on develop searchable frameworks. This is really important because as a a strategic alignment, if you connect your objectives into your broader business and security goals, it outlines and the align them in detailed road map, so how you're gonna get there.

Being diverse, being part of, being a diverse, inclusive manager doesn't mean that you're gonna have different targets. It's part of your talent acquisition. So your target should be, I want to increase my team by, you know, three, four, I need to improve. So on your strategies is that how I can target a talent that we have missed in the past due to location, due to, the way we were recruiting. So that's why partnership with HR are very meaningful. Also, learn from within. So people in your company, people from this on, underrepresented group or small as a small minority groups will know best. So they are the people in the community. So if you have, diversity programs in in the workplace, talk to them about how you can reach other people.

We use a lot of our graduates from different type of universities to to Paris in the job boards are, are are roles that we had in in some of the universities. We also use them to go back to their own universities, to their own high school, secondary schools, colleges to give presentations. So if we look at it that way, it's about talent, acquiring the best talent for our teams and with our framework of how all the different diversity can, enrich our teams, we will be advocating food for diversity as a security asset because we know by having a diverse workforce we will be better protected, we're gonna be we're gonna build better systems and we're gonna be able to do a better job at meeting our overall objectives, which is securing depth.

Correct? So talked about our lovely Walt Disney is Sasha and Inspiration. And now in summary, diversity is a strategic advantage. It's not just value, it fuels innovation, sharpens teams, and builds resilient teams. Inclusive leadership is essential to embed equality into security strategy strategies and future proofreading organizations against evolving risk. So this is all about minimizing risk and how best to do it. This is another asset you can use to do it. And overall, in in in technology, it will bring innovation whatever you do. So if you take this one takeaway, what can you do today yourself? How can you influence, and support inclusion within your teams? Thank you, and please follow my journey on LinkedIn as First Estefana.

That's my marinade, but I work with my maiden name. Eve.