The Ripple Effect: Building a Diverse Security Research Team

Presented at Black Hat USA 2021, Aug. 5, 2021, 11:20 a.m. (40 minutes)

<div><span>Achieving a diverse, inclusive team which is a dream to work in was not a short journey. It took time and was well worth the effort. While the industry numbers paint a gloomy picture for gender equality and representation, we successfully built a thriving diverse team of hackers with equal representation.</span></div><div><span><br></span></div><div><span>There were no misogynists, sexists, or toxic culture of any kind on our core team. Yet initially, it consisted entirely of men and no women. There was an unconscious bias that kept us in this state. We will share our journey to reveal and measure this bias and to ultimately increase female representation from 0 to 50%.</span></div><div><span><br></span></div><div><span>According to the Global Gender Gap Report 2020 (by World Economic Forum), it will take on average more than 100 years for women to reach gender equality. This is unacceptable and we can and must make it happen sooner.</span></div><div><span><br></span></div><div><span>Our hope is to share some tools with allies attending Black Hat to help make the change on their teams as well (tools for team members, leaders, and upper management alike). Incidentally, the same tools had not only created a more inclusive environment, they have also improved our R&D team atmosphere and deliverables.</span></div><div><span><br></span></div><div><span>This is not a technical talk. You won't learn the bits and pieces of a fancy protocol or internals of an OS. It will however improve your team's technical skills by fostering a healthy environment to work in. </span></div>

Presenters:

  • Omer Yair - Endpoint Team Lead, Symantec - A Division of Broadcom
    Omer Yair is Endpoint's team lead at Symantec (formerly Javelin Networks). His team focuses on methods to covertly manipulate OS internals. Before Symantec, he was a malware researcher at IBM Trusteer focusing on financial malware families. In the past, he has worked at Algotec developing medical imaging software and at IDF's technology unit for three years as dev team lead. Omer has presented at DEF CON, DerbyCon, Virus Bulletin, Zero Nights and BSides TLV conferences. In his free time, he revives historical photographic processes.
  • Oryan De Paz - Low-Level Researcher &#38; Developer, Symantec - A Division of Broadcom
    Oryan De Paz is a low-level researcher & developer in Symantec’s Breach Prevention Group. In her daily job, she works on protecting Active Directory by manipulating various internal mechanisms in the operating system. She is passionate about Windows internals, reverse engineering, and solving puzzles, which makes security research her dream job. In her free time, she likes to bake, travel, spend time with her dog Alice and is always up for learning new things.

Links:

Similar Presentations: