The security workforce is facing a major shortage, an issue amplified in the healthcare sector with about three of four hospitals lacking a designated security person. Not only that, but men far outnumber women in leading cybersecurity roles.
For Amelie Koran, the deputy chief information officer for the U.S. Department of Health and Human Services' Office of the Inspector General, the shortage is pretty obvious in the government.
“When you sit at a table with other CISOs and senior tech leaders, there’s not a lot of women around the table,” said Koran. “We do a [bad] job in the government in this area. We’re as bad as Silicon Valley with diversity, with a lack of women in CIO and management positions.”
The issue is obviously problematic in terms of diversity. But Koran explained it’s frustrating when “you’re trying to argue this point, but you’re the only one trying to fight for this diversity argument. You look and that’s your problem [especially] in the government space, a male-dominated environment.”
But not having women at the table adds to other issues, including the lack of thinking about problems in a different way, said Koran. From her own experience, she’s said it’s hard to be the only woman at the table and watch peers leave meetings without finding a solution to a problem.
On the other hand, women are consensus builders and work more to get input from others, explained Koran. When the government and other industries are trying to focus on user stories and human factors, this is one reason it’s crucial to have women in those senior tech positions.
“That’s been a challenge here,” said Koran. “We’re forcing the government to go froma Waterfall Delivery methodology to an Agile Delivery methodology, which focuses on rapid iteration…moving from that will be one of the biggest challenges within government.”
“The conversations I’ve had as a senior leader,some peers may be argumentative, not wanting to solicit input that differs from their held views… often these are men,” she continued. “But with women, same situation, you get a lot of solutions and options. That’s the benefit there.”
And bringing different races and cultures to the table will also improve progress, as well as deliver solutions. As one of the first transgender civilian employees inside of the White House, she’s experienced this first hand.
However, the role has brought along some of its own challenges.
Koran explained that she chose the government sector, as it was more accepting, in that regard. She transitioned at the U.S. Department of the Interior and received a lot of high-level support. And during the Obama administration, she “wasn’t tokenized. I was there because I was a very good security professional.”
Under the Trump administration, however, she’s found her role more challenging because employee rights and protections are difficult to understand. Changes to HHS program policies made it difficult to determine what the agency is willing to support.
Koran said she’s embracing her advocate role to make others in similar positions feel safe -- given she does feel so supported.
“When you feel empowered to stand up for your rights, you’re also standing up for other people’s rights,” said Koran. “I’m extremely open now, so I can be a beacon... So there’s hope for people.”
Koran will share details on HHS OIG's modernization efforts at at InfoSec World 2018 Conference.