1. Congratulations on winning the Women4Cyber Recognition Award 2024! Why did you decide to put forward the Institute for Security and Safety for this award?

Thank you so, so much – once again! The Women4Cyber Recognition Award is meant to highlight companies that distinguish itself for its efforts in enhancing gender diversity in the cybersecurity field, right? First and foremost, the Institute very personally did that for me.

When the Institute hired me, I was following a very different career path – only very, very rudimentarily covering cybersecurity, if at all. I have an academic background in international law and politics, worked in the public sector, before properly kicking off my career in the automotive sector. And, yes, I was very much settled in my career by the time I switched into cyber.

By the way – I was actually hired while on parental leave! Mind-blowing! And I spent the first few months at the Institute with my baby either sitting on my lap during calls – which awarded her the title youngest cybersecurity professional ever, or her sleeping in a baby carrier. We pretty much came as a duo – and I also already had a toddler at home.

But that didn’t stop them from believing in my talent, skills, and eagerness to thrive. Which, of course, has nothing at all to do with me being a mother, or a female, or a non-techie. But this radical openness to creating properly diverse teams – that, of course, by no means stop at gender-diverse hiring, really stood and still stands out to me.

Even now that I personally have left the Institute, receiving the Women4Cyber Recognition Award in The Hague (of all places The Hague – where I did my undergraduate studies), will forever be one of my favorite memories. And although not being employed at the Institute anymore, I will refer to it as “we“ in the following – just a little side note.

The biggest barrier for women is the thought that they can’t have it all. Because they can, and they should.

2. Can you share some specific initiatives or programmes that the Institute for Security and Safety has implemented to promote gender diversity and inclusion internally?

At the Institute for Security and Safety, we believe in promoting gender diversity and supporting female participation as part of our daily business. We know that diverse teams generally perform better. Thus, with a high proportion of career changers and an exceptional proportion of women in the IT sector of almost 70% (50% of whom are mothers), we bring new perspectives to the field of cybersecurity and work in a highly

innovative way. Flexibility is a no-brainer for us. To us, it does not matter, if our team member works next to her sleeping toddler, if she must take a break to pick up her son from daycare, or if the average 9 to 5 simply doesn’t fit her schedule. We accommodate different lifestyles and never lose touch with one another, regardless of our presence in the common office (which, by the way, serves as our home base, as a common living room for all).

We want to see the standards and values we, as a team, live up to, reflected in our partners and customers as well. This is why we encourage people from many different educational and professional backgrounds to attend our training courses. Cybersecurity, in the end, is a team effort that simply cannot allow for not incorporating all members.

As a female-led company, supporting gender equality and equal access to formation is at our core. Many of our team members were not trained to do cybersecurity in the first place (but who really is?!). This is not a weakness; it is what makes us so productive and strong. And we do want to support others in considering lateral entries as well.

To conclude, we see the human aspect of cybersecurity and put great emphasis on establishing a culture of security in organizations, both our customers’ and our own – a good “culture of error” (i.e. a no-blame approach), appreciation and continuous learning and development can help us face the ever-changing dangers of the digital world. We see the success of this approach in the large number of projects and industries that we have successfully supported, and we live this approach as a team to achieve the best results through development and mutual appreciation.

3. How is the success of your diversity, equity, and inclusion (DEI) initiatives measured? Are there any particular metrics or outcomes you focus on?

I think I must admit that we follow a radical guerrilla approach to DEI. We learned by doing, tested, trialed, failed, and figured out what worked on the go.

First and foremost, we believe in and support each other, including our clients. We identify people, individuals, we want to work with – and simply make it work. To us, DEI is not detached from our daily business but an intrinsic part of it.

Our colleague may be female, male, German, Ukrainian, young, old – and everything in between. We work part-time, full-time, from home, on our ways to school, on the most meaningful projects.

We want the best people to create the best teams – to do so, you cannot ignore DEI. Diverse teams perform better. Full stop.

4. How does the Institute for Security and Safety engage with the broader cybersecurity community to promote gender diversity and inclusion beyond the company?

At the Institute for Security and Safety, we put trust in the individuals that work for, but most importantly, with us. Our Marketing and Communication Manager, at the time, is an active member of the German association Women in Tech e.V. aiming at bringing together not less than as many women in tech and IT as possible. I myself am part of and actively engaging within the German chapter of Women4Cyber (nearly) since day one. We also love to spread the word and talk about female representation in cybersecurity whenever we can – in podcasts and on the go while hopping on the train to get to a business meeting.

6. What role do you believe industry awards like the Women4Cyber Recognition Award play in advancing DEI efforts in cybersecurity?

…an incredibly crucial one! First and foremost, they put DEI efforts very much on top of the agenda – and treat them as an indicator for success. Companies that already do well are finally awarded with external recognition. And companies that might want to be awarded, will probably have more internal motivation for further improvement. Awards are a powerful tool for promoting change and for setting agendas within communities.

Plus, it goes without saying: it is incredibly nice to receive a tangible award!