Portal26 named GenAI Visibility/Governance/Security Leader in Houlihan Lokey Cybersecurity Update 

Champions in Security – Honoree Profile: Chitra Dharmarajan, 2023 Champion for Inclusion

Chitra Dharmarajan is the Senior Director of Security & Privacy Engineering at Okta and former Director of Cybersecurity at GE. She has more than 25 years of experience in information security.

Chitra was a recipient of the inaugural 2023 Champion in Security Awards hosted by Portal26. The Champion in Security Awards honor security leaders embodying meaningful values within the security community that make the profession better for current and future practitioners. Chitra won the Champion in Security Award for Inclusion, which honors the security leaders who organize their teams to accommodate diversity, equality, and inclusion principles to the fullest degree.

How do you promote diversity, equity, and inclusion in the security industry?

Promoting diversity, equity, and inclusion in the security industry requires a concerted effort from both organizations and security practitioners. Whenever we have an opportunity to hire,  we make a conscious effort to bring diverse talents to the pipeline before we commence the hiring process. I am also part of cybersecurity groups in North America and encourage my global teams to do the same. This is another way for us to identify talents from diverse backgrounds across the globe. We cannot give a pat on our back for just hiring diverse talent. It is also imperative for Security Leaders to stay committed to providing the right opportunity, exposure, and experience. Make the right introductions for those budding talents, mentor/coach, and support them for a successful path forward in their careers.

Organizations investing in Employee resource groups (ERGs), can be a powerful tool for promoting DEI in tech. At Okta, ERGs are responsible for driving employee communities and partnering with the DIB team in broader DIB initiatives. These groups have a formal connection to DIB through an allocated budget and leadership stipend, annual Vision Method and Targets, and established processes to ensure consistency across ERGs.

How would you say DEI efforts in the cybersecurity world have changed since you began your career?

A decade back, the cybersecurity industry lacked diversity in terms of race, ethnicity, and gender identity. Organizations look for their “Security Guy” to solve the crisis. As a woman technologist, I see a paradigm shift in the mindset, partially influenced by the nature of this cyber security domain, where we seek a Swiss army knife skill set and diverse roles to operate effectively in the cybersecurity realm. The cybersecurity industry has made significant strides in promoting diversity, equity, and inclusion in recent years, but there is still much work to be done. According to the (ISC)² Innovation Through Inclusion: The Multicultural Cybersecurity Workforce report, only 26% of cybersecurity professionals are ethnic and racial minorities. The organization’s Women in Cybersecurity report also reveals that women occupy just 24% of cybersecurity positions.  This is slightly better than what we see in other technology job sectors.  Progress…but not enough to be finished and done.

What changes and improvements would you like to see in the future of DEI efforts in tech?

In the world of AI-aided tech products, more work needs to be done to address bias in algorithms. Could it be policies or regulations–we need to think. We cannot say no to an innovative technology, we have the responsibility to regulate it so that such technology does not make decisions that are systematically unfair to our peers.

In the technology sector, pay equity is another area,  where the industry has a long way to go. Regular pay analysis by 3rd party and remediate the disparities at a regular cadence will be necessary. 

Talents from diverse backgrounds often bid farewell to their flourishing career at a mid-point, when they bear the brunt of caregiving roles or limited time/resources to up-skill themselves. Organizations have to consciously identify employee benefits that provide a supportive work-life balance. Okta has fostered a healthy work environment with generous Parental leaves, wellness days, and sick/caregiving time off. 

In today’s virtual office environments, we can certainly do more to bring in Neurodiverse talents into the tech sector. There is a wealth of talent pool, which is yet untapped.

What does it mean to you to win this award?

I receive this honor with deep gratitude and great humility.  It is an award that speaks to our highest aspirations –  diversity, equity, and inclusion in the tech industry.

I am honored to be recognized by the Titanium team.  I also take this as an opportunity for us to join forces to make collective progress in the future.

Who in your career helped demonstrate this attribute that influenced your professional behavior?

I am blessed to have many mentors/managers in my career who helped with my professional growth. One of them is very special to me, a very inspiring woman leader in Cyber Security.  I had an opportunity to work with Ms. Summer Fowler in my career. It indeed took 15 years & 5 employers for me to finally experience reporting to a woman.  She inspired me with her meticulous DEI effort, and she hired the first neurodiverse candidate in a fast-paced startup. She led by example, by embracing the challenges for this neurodiverse candidate, and effectively carved out specific work domains where they can thrive and succeed.  She influenced many of us to actively promote an inclusive work environment. 

Another person who inspired me with her Inclusion attribute is my manager at Okta, Ms Bhawna Singh, CTO of Customer Identity Cloud.  Bhawna does not shy away from asking us whenever she notices a lack of diverse representation in nominations for accolades, recognition, or promotion within the organization. For me, asking that question to the quorum of decision-makers is important. That is a gentle reminder for us to look harder for talents from diverse backgrounds who may also be outperforming but less visible.

What advice would you give to professionals who want to work in this field?

It is important to stay updated and gain technical skills for your respective cybersecurity domain. While technical skills are essential in the cybersecurity field, soft skills such as communication, strategic thinking, problem-solving, and collaboration are equally inevitable for a successful career. You don’t have to be a “hacker” to be in cyber. Defenders come with diverse skills. There are so many diverse jobs available in cybersecurity today that cater to a wide range of skill sets. If you are already in CyberSecurity, you have a large horizon to explore and shift gears. 

Security is a team sport. Be a negotiator & win the hearts of all stakeholders

Any successful security team is built with diverse skills within the team. There is a great probability to acquire these diverse skills across candidates with diverse backgrounds. Remember that you have a vantage point as a Cybersecurity Professional to promote DEI within your team.