#StartupsEverywhere profile: Safi Mojidi, Founder, Hacking the Workforce
This profile is part of #StartupsEverywhere, an ongoing series highlighting startup leaders in ecosystems across the country. This interview has been edited for length, content, and clarity.
Supporting Underrepresented Communities in the Cybersecurity Field
Hacking the Workforce is a mentoring and support organization dedicated to helping Black, LGBTQ+ individuals develop successful careers in the field of cybersecurity. We spoke with Safi Mojidi—Founder of Hacking the Workforce—to learn about his work, the importance of diversity to cybersecurity, and how policymakers can develop better technology policy through partnership with diverse practitioners and academia, in the cyber industry.
Could you tell us about your background and how it led you to Hacking the Workforce?
Almost 15 years ago, I began working in cybersecurity as a help desk technician for a small company. I was able to pivot into cybersecurity fairly quickly as I obtained my Master’s Degree in Information Assurance and Security. From there, I had the opportunity to support a myriad of federal organizations leading large scale cybersecurity programs including NASA, the Department of Justice, and the Vice President's Office. It wasn't until I began my doctorate program a few years ago that I realized just how passionate I was about this industry. As security practitioner turned privacy researcher, this passion drives me to explore privacy-preserving techniques and technology. My goals for this research are to aid in the development of unbiased and equitable access to privacy protection for members of vulnerable populations. As I delve deeper into this research, it becomes increasingly obvious just how severely underrepresented minority demographics are in the cybersecurity industry.
We are continuing to transform into a digital first society, and a lack of diversity of thought increases our susceptibility to an ever growing list of cybersecurity threats. This is because there is a risk that if we continue to rely on people who ask the same types of questions, and come from the same backgrounds, we can’t adequately combat the numerous and persistent threats to security.
It became very hard for me to continue advocating for folks to enter the cybersecurity field because they would likely be underrepresented at their job, and that didn't sit right with me. There's a level of support that our community is not able to obtain because there just aren't that many of us. Black members of the LGBTQ+ community, and visibility matters, so it becomes somewhat of a conundrum. The industry needs diversity, but struggles to achieve that goal because of the long-standing repetitive nature of hiring practices that result in a homogeneous candidate pool of applicants. I decided that I needed to do something about this.
Tell us about Hacking the Workforce. What is the work you are doing?
There's a shortage of over 400,000 cybersecurity practitioners in the U.S. alone. Globally, it's about 3.4 million open cybersecurity positions. That means there are many security systems—potentially protecting critical infrastructure, or sensitive health information—that are likely vulnerable. Meanwhile, the U.S. population to date is about 13.4 percent Black or African American, but in the tech field, Black people or African Americans only make up about three percent of that workforce, and the numbers are so low there isn’t even good data on representation in the cybersecurity space. There is a huge number of people who are either being overlooked or don't know what it entails to enter the field. There are opportunities out there for us, so why can't you be one of the 500,000 that makes up that workplace shortage?
I’ve been fortunate to have some really good mentors and allies looking out for me, but that is not the case for everyone. Looking for a mentor was challenging because the numbers of folks that look anything like me—a black, trans man—continue to dwindle, especially roles in leadership. We want people to feel supported as they get started in the cybersecurity industry or continue to build their careers. Knowing that there is someone knowledgeable in the field who you can provide advice from a place of understanding because you share at least one or two of your visible identities.
We want to increase access to the cybersecurity field from the career perspective, but also from a mental health perspective. No one really talks about what it's like for a trans person to transition in the corporate world. What does that mean, and what kind of protections are available? Our goal is threefold: achieve visibility and increased representation for Black LGBTQ cyber practitioners, create resilience and sustainability in the workforce through training and nurturing individualized mental health needs, and normalization of financial well being. All of those goals are underpinned by a vital need to increase security and economic stability for future generations.
Could you elaborate on how the lack of diversity of thought has left us more susceptible in the cybersecurity space?
The key components of any cybersecurity system are strength in three ways—confidentiality, integrity, and availability. Confidentiality means that whatever information the system is processing, it should only be available between the system and whoever should have access to that information. Availability means that if we're relying on a system, we better be able to use it. And the last piece of that is integrity and can withstand being used in different ways. If we cannot ensure that the system was tested, or at least thought through from as many different points of views or perspectives as possible, there's no way that we can adequately trust the integrity of the system.
For instance, if we're testing facial recognition software that has been deployed to solve real world problems, but has not been tested for diverse populations, this creates a huge integrity issue. Police departments may use such a system to identify potential perpetrators in public, and if we've not tested those systems on different shades of skin, we cannot be sure the system has a commensurate level of integrity to be trusted in real world applications.
These are things that could impact all of us. We need to be asking, “why does it work like this?” and it takes people of all different backgrounds to determine if a specific technology or specific use of technology makes sense. One of the biggest risks to cybersecurity right now is a lack of diversity of thought.
Can you talk a little bit about your work on encryption, and what you hope policymakers keep in mind when they think about policies?
My work around encryption has really been focused on exploring a more discernible transformation in the legislative framework by establishing boundaries for how covered entities collect, process, and share personal information, particularly those of marginalized populations. I think it is crucial to everyone that truly effective accountability mechanisms are established for how encryption standards are developed and put into practice. Among the findings from the research I conducted in support of my doctorate are the identification of gaps in current legislation around encryption technology. These legislative gaps should be addressed immediately in order to achieve more consistent standards for how organizations use personal information, while also providing industry with clear national guidance on how to protect privacy and security. When thinking through the consequences of policy decisions, we need to make sure we have some of the brightest, diverse minds in the room, who can think about the impact on entire communities that policies would have. And then once we have all of the data from relevant parties who can speak to that, we can develop better policies because they're not part of the homogeneous mindset traditionally in the room.
Are there any tech startup issues and concerns that you believe should receive more attention from local, state, and federal policymakers?
Despite the critical role entrepreneurship plays in the development of wealth in families as well as communities and economies, the opportunities to start and expand a business are not equal for Black Americans in the U.S. Black entrepreneurs are nearly three times more likely than White entrepreneurs to have their business growth and profitability significantly impacted by a lack of financial resources, according to statistics from the U.S. Chamber of Commerce. Tech startups, particularly those founded by African-Americans struggle with accessing the capital they need. Roughly 70 percent of Black founders rely significantly on personal and family savings for capital to fund their startups.
Although the ideal of equality of opportunity is important, its promotion is also good for the U.S. economy. Eliminating racial disparities in entrepreneurship would result in a significant increase in job creation and economic growth. Research has found that if the number of businesses owned by people of color were in proportion to their representation in the workforce, the U.S. would add over one million companies, creating approximately nine million additional jobs and generating $300 billion in additional earnings. Policymakers should place a higher priority on policies that facilitate minority-owned firms' access to finance and financing.
What are your goals for Hacking the Workforce going forward?
I want people to know that there is a community for you in cybersecurity. I want people to know we're looking to work with as many partners and vendors who support our mission and believe that there shouldn't be this lack of diversity in cybersecurity. Diversity is a must-have, now. You need to have diversity, diversity in your board, diversity in your people, diversity in every aspect of your organization. I want folks to understand that supporting organizations with missions like Engine, or Hacking the Workforce, are ways to help tackle significant issues that are now more vital than ever.
All of the information in this profile was accurate at the date and time of publication.
Engine works to ensure that policymakers look for insight from the startup ecosystem when they are considering programs and legislation that affect entrepreneurs. Together, our voice is louder and more effective. Many of our lawmakers do not have first-hand experience with the country's thriving startup ecosystem, so it’s our job to amplify that perspective. To nominate a person, company, or organization to be featured in our #StartupsEverywhere series, email ian@engine.is.