General security

All My Stripes: The New Business Imperative of LGBTQ+ Inclusion

Alissa Knight
July 1, 2020 by
Alissa Knight

“Don’t talk, just act. Don’t say, just show. Don’t promise, just prove.” -Hiroko Tsuchimoto

As another LGBTQ+ Pride month comes to a close and I look back at the rainbow striped logos companies used on their websites, I take pause to look back at what progress has been made over the last year for our community. This year was the first I can recall where stains were left on the celebration of Pride month by our own president when he denounced the workplace protection law passed by the Supreme Court and his reversal of Obama-era healthcare protections of transgender individuals on the anniversary of the Pulse nightclub massacre where 49 people were killed.

What have businesses who’ve redesigned their logos with a rainbow done to help advance the representation of LGBTQ+ minorities in their own companies? Is it just PR for these companies or do they really understand the unique perspectives the LGBTQ+ community brings to decision-making and advancements in IT? 

More importantly, what have I done?

As a lesbian, transgender person, and woman, I’ve been up against all three similar stereotypes and unconscious and conscious biases in cybersecurity. From men thinking I’d sleep with them for a signed contract to someone not wanting to do business with a company run by a trans-person — I’ve seen it all.

I’ve been working in cybersecurity for over 20 years and it’s time I take pause to ask myself what I’ve done to help further the LGBTQ+ community and do my part in making a positive impact on LGBTQ+ lives. I’m sad to say I could have and should have done more. I will do more. The fact of the matter is, I’ve never wanted to be seen as a “beautiful trans woman” -- just a “beautiful woman.” So those who follow me on social media know I rarely, if ever, talk about trans issues. I never wanted it to be a part of my narrative. That’s not to say I’m embarrassed about being trans; quite the contrary, I’m proud to have been blessed to have lived in two separate bodies, to live my life as two different sexes. However, as many know, gender is different than sex assignment at birth. For those who aren’t familiar with what it means to be trangender, it’s different than being a cross-dresser, which is someone who likes dressing in the clothes of the opposite gender. Being transgender is literally being born with the wrong sex assignemnt at birth. In short, transgender individuals are born with the brain of the opposite sex than what they are assigned at birth. So in my case, I was born with a female brain in a male body. I transitioned in 2008 from male to female when I was 29. Since then, I’ve lived my life full-time as a woman. However, I wasn’t prepared for how my professional life would radically transform in going from a male knowledge worker to female. The wage disparity, being passed up for opportunities by male colleagues with the same level or less experience...all of this is true. These were all things I did not experience in my former skin.

The fact that cybersecurity is a “good ‘ol boys club” has been a frequent reminder for me. I recall recently when I was in a meeting with a vendor who asked me when “my boss” would be in, assuming I was “his” EA and there to take notes and not realizing I was the Group CEO of the company.

The problem is exacerbated on social media in recent tweet storms where men thought it would be appropriate to say that women have no interest in cybersecurity. Their opinions were that we as women prefer to be homemakers, changing diapers and making dinners instead of writing buffer overflows. His opinion was that cybersecurity was “too fast-paced” for women. My rebuttal  to that sexist tweet went viral.

As more studies are published on this very question, such as the diversity study of 4,277 companies in Spain which found that diversity can increase the efficacy and innovation of teams, the unique perspectives that underrepresented minorities bring and that directly impact a business’ bottom line is clear. This study found that women (gay or straight) were more likely to introduce radical new innovations into the market over men, underscoring more empirical evidence to the business imperative of companies being more inclusive and giving more women representation in the board room.

While there is no empirical data published on the advantages of having LGBTQ+ team members in a company, I can attest to my own experiences of hiring an entire women-led organization at Brier & Thorn and the unique perspectives women, as well as our LGBTQ+ team members, bring to problem solving. 

The LGBTQ+ community has been persecuted, abused, and even killed for being who we are for decades. Until someone is strung up and hung from a tree or tied to the back of a car and dragged for being straight (all things LGBTQ+ persons face on a daily basis), our straight peers in the workplace will never understand what it’s like to walk a mile in our shoes. I opine that this is the reason we in the LGBTQ+ community work so hard to prove how people with conscious and unconscious biases see us. 

I’ve been asked so many times “why do gay people need a parade, it’s not like straight people have a parade?” Until you can be passed up on a job or even killed for being straight, I believe this question will continue to pervade global societies until the end of time. It’s my opinion that businesses and cybersecurity teams alike can benefit greatly by not only diversifying genders across teams but also sexual orientation and attempting to not only implement equity, but also inclusion. Whereas equity seeks specifically to ensure fair treatment, inclusion builds a culture of belonging by welcoming the contribution, participation and experiences of all people.

Another study looked at the profitability across 20,000 firms in 91 countries. This study found that companies with more female executives than men were shown to be more profitable than companies with male majorities in their C-suite. But while women, racial minorities, and people with disabilities have been studied closely in their under-representation in cybersecurity, what about LGBTQ+ individuals?

According to recent studies, negative interactions in the workplace experienced by LGBTQ+ employees are costly to businesses. Employees who experience negative touch points in the workplace are 40% less productive and 13 times more likely to quit their jobs.

Companies must get ready for the new workplace norms expected by millennials and Gen-Z employees who will now make up a majority of their headcount. This new generation of straight workers care viscerally about inclusion and advocating for it for their LGBTQ+ peers, more so than previous generations. According to a recent study by BCG, there are clear numbers that speak volumes in the important distinction between diverse hiring initiatives, where companies hire employees from different backgrounds, and inclusive hiring initiatives, where companies hire employees who feel free to bring their authentic selves to work. Such a discrepancy carries steep financial costs to companies who get it wrong. 

This study concluded that LGBTQ+ employees who are “out” in the workplace feel psychologically safer, take more creative risks, and feel more empowered to speak up. Hiding this critical part of themselves results in an employee unable to do their best work as evidenced in the chart below:

SOURCE: BCG LGBTQ employees employee survey 2020

There is now a staggering amount of new data being published every year on the business imperatives of companies getting this inclusion right.

When companies even the playing field for LGBTQ+ employees in both lower and upper ranks at their company, up to and including in the boardroom, it results in a more engaged workforce, less attrition, stronger and more impactful innovation, and improved financial performance. The lens created by the unique life context and experience of LGBTQ+ individuals is one that no business can afford to do without, regardless of whether their logo is redesigned with rainbow stripes every June or not.

What should you learn next?

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.


A list of LGBTQ+ Cybersecurity, IT and tech resources

Alissa Knight
Alissa Knight

Alissa Knight is a published author, the managing partner at Knight Ink, principal analyst at Alissa Knight & Associates, and group CEO at Brier & Thorn. She is a recovering hacker of 20 years and as a serial entrepreneur, has started and sold two companies prior to her ventures she runs now. Alissa is a cybersecurity influencer, working for market leaders and challenger brands in cybersecurity as a content creator. Follow her on Twitter and LinkedIn, and subscribe to her YouTube channel to follow her adventures in entrepreneurship and cybersecurity.