Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training
Can't find what you are looking for?

Let us help.

Contact us
Resources
SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

CISO Network

Engage, challenge, and network with fellow CISOs in this exclusive community of security leaders

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations
Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk with an expert
Talk with an expert

Owning Your Professional Narrative, Authentically: Lessons from the SANS BIPOC in Cybersecurity Forum

The acronym BIPOC refers to Black, Indigenous, & People of Color, and is used to be more broadly representative than simply saying “people of color."

Authored bySANS Institute
SANS Institute

Owning Your Professional Narrative, Authentically: Lessons from the SANS BIPOC in Cybersecurity Forum

It would be impossible to distill the wisdom and the good vibes from the SANS BIPOC in Cybersecurity Forum. Fortunately, I don’t have to, because you can watch all seven sessions here. (You’ll need to register for the now-past event to access the webcast archive, but registration is quick and free.)

By the way, if you’re still learning about inclusion and racial justice issues, like most of us, the acronym BIPOC refers to Black, Indigenous, and People of Color, and is used to be more broadly representative than simply saying “people of color.”

SANS is proud to support the #SharetheMicinCyber campaign, created by Camille Stewart @CamilleESQ and Lauren Zabierek @lzxdc in June 2020 to amplify the voices of Black professionals in cybersecurity. (It’s running again on October 23rd: https://sharethemicincyber.splashthat.com/) Camille joined us at the Forum to share her wisdom on “Owning Your Professional Narrative.”

Her strategy includes:

  1. Identify 3-5 words central to your professional narrative. They should represent your strengths, goals, and skill sets.
  2. Identify experiences that illustrate those traits. DON’T reduce your experiences to a single word or devalue any previous roles. You’ve learned something from everything you’ve done.
  3. Craft an overarching narrative that clearly states the value you add as a professional and present it to friends, colleagues, and mentors who can help you refine it until it’s perfect.
  4. Be intentional, keeping your narrative in mind at all times with regard to your social media persona, your elevator pitch, and your communication style.
  5. Live the narrative: be the person you’re describing!
  6. Identify validators. These are professional and industry contacts who are aware of your narrative and will share it with others when you aren’t even in the room.
  7. Create opportunities that feed and enhance your narrative. Start your own initiatives if what you’re looking for doesn’t exist.
  8. Be prepared to evolve your narrative. Your skills, goals, and priorities will grow and change over time, and your narrative should too.

That’s a great, concrete strategy for creating a comprehensive professional narrative. But why is that such an important thing to do? For underrepresented groups, particularly Black professionals, there is a very real psychological and emotional burden imposed by “code-switching.” This 2019 Harvard Business Review is a great read to learn more about code-switching (and is not behind a paywall), but as Christina Morillo @divinetechygirl explained in her talk, it’s a way for Black employees and professionals of color to try to overcome negative racial stereotypes by assimilating, or blending in with, the dominant culture in an organization.

Of course, we all engage in some type of impression management to be taken seriously at work or to fit in with our peers. We brush our hair and put on a clean shirt before a Zoom meeting; we waste a day bingeing a trendy Netflix show just so we can be in on the joke of the memes our team keeps passing around. But we generally don’t have to craft an entire alternate identity that’s more palatable to the dominant organizational culture just to prove over and over again that we belong. For BIPOC employees, code-switching may be a demanding and exhausting daily reality. Whether it’s microaggressions or overt discrimination, Christina offers this “human threat modeling” for protecting your psychological safety:

  • Define your requirements for psychological safety.
  • Create a mental model of these conditions.
  • Identify threats in the environment.
  • Find ways to mitigate these threats.
  • Validate your experience through feedback.

Ultimately, it’s up to all of us to do the work of creating teams and organizations where code-switching isn’t necessary, and to validate and act on the experiences of underrepresented minorities so everyone can bring their authentic narrative to work. Also, we could all use a friend like Christina. You can hear much more from her on the Colors of Infosec podcast she co-hosts with Asif Ahmad.

Ideas for other topics you'd like to see covered in future Forums?  Tell us at summit@sans.org

Meet the expert

SANS Institute
SANS Institute

SANS Institute

Launched in 1989 as a cooperative for information security thought leadership, it is SANS’ ongoing mission to empower cyber security professionals with the practical skills and knowledge they need to make our world a safer place.

Read more about SANS Institute
Owning Your Professional Narrative, Authentically | Lessons from the SANS Institute BIPOC in Cybersecurity Forum