Toro-Blog-listing

Having Pride in Cyber & Physical Security – Be Your Proud Authentic Self

Written by HQ | Jun 10, 2024 10:35:29 AM

1969 was a momentous year. In his inaugural speech, President Richard Nixon said we “cannot learn from one another until we stop shouting at one another…”1 

James Earl Ray was jailed for the murder of the prominent civil rights leader, Martin Luther King2; John Lennon and Yoko Ono recorded “Give Peace a Chance”3; The world watched, as Neil Armstrong took the first steps on the moon. 

Police in New York raided the Stonewall Inn, precipitating days of rioting and the beginning of the Pride movement;  Thirty years later, President Bill Clinton declared June to be “Gay and Lesbian Pride Month.”4  

More than a quarter of a century on, people who are LGBTQ+ are more so free to express themselves and enjoy more of the freedoms heterosexual people have had for decades – but there remains to be discrimination and persecution of homosexuals, transgendered, and non-binary persons globally, including in developed nations, today. In some countries it's not only illegal, but punishable with imprisonment, or death in some territories.  
 
In the UK, hate crime related to the LGBTQ+ community has increased in the last five years according to the Office of National Statistics (ONS).

“Office of National Statistics (ONS), hate crime statistics show that England and Wales are increasingly less safe places for lesbian, gay, bi and trans people” 

There is a lot more work to be done to find true equality and diversity, to be truly inclusive, and to negate discrimination both in the workplace and in society. It is for this reason, the Pride movement continues to this day, because the world has more work to do, to find true equality and acceptance of the LGBTQ+ communities.  Contrary to common misconception, Pride is not intended as a party but an ongoing protest fighting for equal opportunities and inclusion and a celebration of the achievements and recognition over the last 5 decades, and to further normalise LGBTQ+ identities in society.  

Figure 1 - Source Statistica, https://www.statista.com/chart/30011/hate-crimes-against-lgbtq-people-in-england-and-wales/  

So how does this relate to cybersecurity and physical security, you might ask?   

Toro believes in the converged approach to security and, as hard as it may be for some individuals to accept, the freedom to express oneself openly is not an acceptable practice in most of the world, either online, or in person. Sadly, the threat to personal security is real, particularly when travelling to culturally conservative destinations.  That threat is a cyber threat, and physical threat, and may be exacerbated by the behaviour of the individual. 

It is a sad truth that the authorities in countries seen as holiday destinations practice surveillance, both in person, and on internet traffic.  As well as being a popular destination for travellers, Egypt also has one of the three largest economies in North Africa5, and is a prime location for conducting business – particularly for those companies pre-empting the Chinese Belt and Road infrastructure initiative6.   

Whilst homosexuality is legal in Egypt, ‘immorality’ laws are routinely used to persecute non-heterosexuals, and the state heavily surveils internet use7.  Contrary to Egyptian law, authorities have used device seizures to check for any incriminating material, going as far as examining social media apps and posts on the device8. On the back of this, apps such as Grindr, an online dating app set up predominantly for homosexual men, warns about the risks of using the app and potential consequences, when accessed in Egypt. It isn’t just gay dating apps that pose a risk however, seemingly innocent images of a couple enjoying a beach holiday, or children having a water fight in the garden, may also be used as leverage by the authorities to bring about prosecutions and interrogation. 

Coercion is commonly used to facilitate information gathering, or future cooperation.  Anyone with a colourful internet history, that they would not wish for a foreign immigration official or police officer to examine, would be wise to carry a sanitised device. Likewise, a traveller indulging in a ‘discreet’ app for browsing ‘sensitive’ content should consider uninstalling it – whatever their age, sex, or gender. 

Closer to home, countries like Poland – where many businesses hoping to expand eastward have based themselves – have, for many years, had legislation leaving people identifying as LGBTQ+ exposed to discrimination and without the same legal protections as heterosexuals. 

Business travel to any region always has risk, and all businesses considering the safety of their LGBTQ+ staff overseas, and for cultural awareness, should consider a subscription to the truly superb Stonewall Global Mobility guide, and nominating their own Stonewall Diversity Champion9. 

For many years, Toro has supported organisations across Europe promoting gender equality, campaigning for equal rights, and lobbying for anti-discrimination laws for persecuted communities.  Some of those organisations face physical threats, and all face cyber threats from either the state, hostile actors, or even religious groups in the nation. 

The toll on the mental health caused by the impact of living under the blanket of persecution is real, and as part of the ‘people security’ aspect, Toro considers the safety and wellbeing of an organisation’s employees to be a critical part of their security. 

With access to gender advisors, Toro is able to guide businesses on all aspects of safety and security, which will become more relevant as Ukraine starts to rebuild, and organisations look to move eastwards to support reconstruction projects. 

Our Cybersecurity Assurance Manager, who heads up Toro's cyber operations, Ray Burke, was voluntarily interviewed recently and shared his views on equality and diversity based on his personal experiences.  

How has being a part of the LGBTQ+ community influenced your professional journey in the cyber security field?  

As someone who identified as LGBTQ+ and neurodiverse from a young age, and a person who knew they were ‘not the same as other boys at school’ when reaching the age of 11, at a time when sexuality was not really talked about with peers and certainly was not part of any school education,  I certainly found myself to be a minority within a minority within a minority.  It was a confusing time; no one explained what homosexuality meant, or that it was a “thing” and it certainly was not normalised in the 80s and 90s when I went through schooling.  

Whilst nowadays it’s less of an issue both at work and socially, I still recall the days of my first IT job where I was told by line management in my first job in the early 2000’s to expect abuse “because [I] work in a room with testosterone-filled heterosexual men” and told “to get on with it” - bigoted behaviour that nowadays would result in an employment tribunal It hasn’t always been plain sailing, but nowadays I find most organisations are thankfully much more accepting – but this is something that I still have to consider when applying for jobs, an activity I have had to do several times in the last 5 years due to the economy crash and subsequent redundancies I have faced. Controversially I have always, always called out any malpractice I have experienced, and this has not always had the desired outcomes especially in smaller firms, and on one occasion I was all but backed into a corner to resign back in 2011 at a Northeast MSP I worked at. Since 2011, things have certainly improved over time, and I generally find employers are much more supportive overall, but still to this day cringe at times when I’ve found myself feeling uncomfortable and subject to unwanted inappropriate very personal interrogation that crosses a fine line. Sexism and chauvinistic behaviours I have experienced historically, have no place in modern society, and the Equality Act 2010 has lent itself to protect the LGBTQ+ communities here in the UK.  
 
These behaviours I talk of has certainly declined over the last 5 - 10 years, thankfully. When I transitioned into cybersecurity from the world of IT support and MSP engagements, I found things improved for the better, unexpectedly. I then researched and can recall finding the cybersecurity industry is generally more inclusive and diverse, and that certainly has been my experience. It was not the reason I transitioned into the world of cyber, it just happened as a biproduct of my natural career progression. The result has been greater innovation and a more effective workforce through skills and different experiences bringing new ideas and new ways of working. Organisations that foster an inclusive environment reap the benefits of retaining top talent. Positive workplace culture enhances overall job satisfaction and productivity.  
 
I think people are more accepting and aware nowadays and the stereotyping and discriminatory behaviours in the workplace are in decline however in social settings I still hear of significant hate crime in the LGBTQ+ communities I am part of. 

I don’t feel being LGBTQ+ has attributed or hindered my learning and development of skills, but I do feel it has hindered my progression somewhat, historically, and it has certainly led to being accosted and facing hostility in the 1990s at school, and in the early 2000’s in the environments where I worked.  
 
Working at Toro, although my career has just started here at Toro in the last six weeks, my experience so far has been like a breath of fresh air, and I love the passionate people focused culture here, and feel very accepted and valued without any judgement. My sexuality is a moot point (exactly how it should be in the modern workplace). The company is very professional and focused on growing a diverse talent pool irrespective of my gender, sexuality, ethnic origin, or disability and through its passionate workforce is expanding both the customer base and security offering, protecting the safety and welfare of society; the greater good. Toro is strategy focused and feels extremely inclusive.  
 
Have you faced any unique challenges or biases in the tech industry because of your identity or sexual orientation? How have you navigated them?
 

My sexuality, and me being open about this since a very young age, has unfortunately led to discrimination and abuse historically. With one employer, I had to resign as previously mentioned, because management were not at all interested in hearing nor resolving the abuse I faced, and deemed it both ‘expected and acceptable behaviour’. It was never acceptable behaviour, now or then.  
 
With other roles, I have persevered and worked with management and HR teams to drive change and improvement in the equality and diversity space. I think it depends on the attitudes of senior management, as to how this is best navigated, and it has to come from the top down in order to truly build a diverse and inclusive workplace. To aid with this I have advocated the implementation of Employee Resource Groups and Employee Forums and this has been a successful way to provide both social engagement for minority groups within the workplace, but also to drive change in attitudes and policy within organisations, and to build a safe & confidential space for minority groups in global organisations I have worked for. This has given the LGBTQ+ communities a voice within organisations I have been part of and I think this is important, to continue striving for diversity and equality excellence in a world that still struggles with true equality today.    
 
What steps do you believe companies should take to create more inclusive environments for LGBTQ+ employees in security?  

The first thing that comes to mind, is zero tolerance of discrimination and any forms of abuse no matter what the motive. This is still often overlooked as minor misdemeanour in some companies, and something that organisation leaders need to advocate from the top down and stamp out, in my humble opinion.  
 
Having employee resource groups in organisations helps immensely, and provides a sense of community and belonging, and a safe space to voice any concerns amongst likeminded people.  

Employee forums help drive changes and can be operated in an anonymous way, if orchestrated correctly.  

Organisations can work with charities that advocate for diversity and equality, such as Mind Out (MindOut | Mental Health Charity for LGBTQ community) and Stonewall (Stonewall) and Galop (Galop - the LGBT+ anti-abuse charity) 

I feel that diversity and equality has to be ingrained into a company’s values and mission again from the top down – and when done correctly can introduce a very balanced and highly skilled talent pool and a great company culture that thrives in challenging economic times that we face.   

A quote I have often referred to is: “The question is are you willing to limit the discomfort of unknowing, or are you willing to be curious and open to learning new ideas and new concepts?”  

–Mark Travis Rivera  

Another quote I love, is “Love has no gender” 

What advice would you give to young LGBTQ+ individuals who aspire to enter the security field? In your opinion how can the security industry better protect and support the LGBTQ+ community? 

Be your proud self. Excel. Do not be defeated or afraid to apply. Most importantly, do not tolerate intolerance, discrimination, or abuse, from anyone. Period. The stereotypes in IT and cybersecurity are changing, and the minority groups found in IT are becoming more and more common place. Through working in IT I have made good friends with IT professionals across the globe – and it’s an exciting and challenging career path to choose despite the historic challenges. If you are looking for the community feel, many of the global vendors have dedicated LGBTQ+ Employee Resource Groups either regionally or nationally and these can be really helpful, and often can be researched online before you apply for that dream job! If you find the right company to work for, your sexuality or gender identity will be insignificant, and simply not a problem. Sadly, this cannot be said for all companies, so do your research and due diligence when applying for roles, exploring a company culture is important, and probation periods are for you to evaluate a company’s fit for you as an individual just as much as it is for the company to evaluate your suitability and good fit for the role. When you find the right role, you’ll be treated just like a normal person with valuable skills. Whilst it's not for everyone, I encourage people that identify as LGBTQ+ to embrace diversity and break down barriers! 

Companies are getting better at being more inclusive and diverse, and some do better than others. For some it is merely a PR piece and a marketing tool. Others really embrace it, and there is an increase in IT and cybersecurity companies getting actively involved with LGBTQ+ organisations and Pride events that take place globally, to continue the battle for inclusion and equality.  
 
There are lots of charities that offer up advice to LGBTQ+ communities in tech, here are just a few I suggest you check out 

Out In Tech 

About Lesbians Who Tech & Allies | Lesbians Who Tech and Allies 

Home Page | TransTech Social Enterprises 

Welcome - LGBTQ in Technology 

LGBTQ+ Entrepreneurs Building an Equitable Future | About Us (startout.org) 

Remember - You’re not alone! Be Your Proud Authentic Self.  

References

[1] https://www.presidency.ucsb.edu/documents/inaugural-address-1

[2] https://www.biography.com/crime/james-earl-ray

[3] https://www.johnlennon.com/music/singles/give-peace-a-chance/

[4] https://www.presidency.ucsb.edu/documents/proclamation-7203-gay-and-lesbian-pride-month-1999 

[5] https://thebusinessyear.com/article/north-african-business-hubs/

[6] https://www.cfr.org/backgrounder/chinas-massive-belt-and-road-initiative

[7] https://freedomhouse.org/country/egypt/freedom-net/2023

[8] https://smex.org/unwarranted-phone-seizure-violates-egypts-laws-and-constitution/