Building Bridges: My Role on the ISC2 Global DEI Advisory Council
Sometimes an invitation arrives that represents more than a position it becomes a mandate to shape the future. When I received the official appointment letter from (ISC)² inviting me to serve as Regional Representative for Asia Pacific on their Global Diversity, Equity and Inclusion Advisory Council, I knew this was one of those transformative opportunities.
Why DEI in Cybersecurity Can’t Wait
Cybersecurity protects our most critical systems, data, and infrastructure. Yet the profession tasked with defending our digital world remains significantly lacking in diversity. When our security teams don’t reflect the populations they protect, we create blind spots technical, cultural, and strategic vulnerabilities that sophisticated adversaries can exploit.
The (ISC)² DEI Advisory Council exists to change this reality. Our mission is clear: provide the input, ideas, and expertise that informs and implements a multiyear strategic framework to advance meaningful progress toward greater diversity, equity, and inclusion in the cybersecurity profession.
The Asia Pacific Mandate
Serving as Regional Representative for Asia Pacific from April 2023 placed me at the intersection of some of the world’s most dynamic cybersecurity markets. The Asia Pacific region represents incredible diversity culturally, economically, and technologically yet faces unique DEI challenges in cybersecurity.
My role centered on:
Regional insights: Bringing Asia Pacific perspectives to global DEI strategy, ensuring frameworks account for regional cultural nuances, educational systems, and labor market realities.
Strategic input: Shaping (ISC)²’s multiyear DEI framework with practical, implementable recommendations that drive real change, not just aspirational statements.
Bridge-building: Connecting cybersecurity communities across APAC with global DEI initiatives, facilitating knowledge exchange and collaborative problem-solving.
Accountability: Helping measure and track progress toward DEI goals, ensuring commitments translate into tangible outcomes for underrepresented groups in cybersecurity.
Why (ISC)² DEI Leadership Matters
(ISC)² represents over half a million certified cybersecurity professionals globally. When an organization of this scale commits to DEI advancement, the ripple effects transform the entire profession. The Council’s work influences:
Certification pathways: Making cybersecurity credentials more accessible to diverse candidates while maintaining rigorous standards.
Professional development: Creating mentorship, networking, and advancement opportunities for underrepresented groups.
Industry standards: Setting expectations that diversity isn’t optional—it’s essential for effective cybersecurity.
Cultural change: Shifting mindsets from “diversity as compliance” to “diversity as strategic advantage.”
The Work Behind the Scenes
Council service happens largely behind the scenes email deliberations, conference calls, policy reviews, and strategic planning sessions. But this invisible work creates visible impact.
We’ve tackled questions like: How do we make cybersecurity careers accessible to people from non-traditional educational backgrounds? What barriers prevent women and minorities from advancing into leadership? How do cultural differences across regions affect DEI strategies? What metrics genuinely measure progress versus performative diversity?
These aren’t easy conversations, but they’re essential ones.
Personal Growth Through Service
Dwan Jones, Director of Diversity, Equity and Inclusion at (ISC)², noted in the appointment letter that this experience would bring both personal and professional growth. That prediction proved accurate.
Serving alongside passionate DEI advocates from around the globe expanded my understanding of how systemic barriers manifest differently across cultures. It reinforced that effective DEI work requires humility listening more than prescribing, learning from lived experiences different from your own, and recognizing that good intentions don’t automatically create equitable outcomes.
The Asia Pacific Context
The Asia Pacific region’s cybersecurity landscape differs significantly from Western markets. Rapid digitalization, diverse regulatory environments, varying cultural attitudes toward diversity, and different educational systems all impact how we approach DEI.
Representing this region meant ensuring our Council’s recommendations didn’t default to Western-centric assumptions. It meant advocating for approaches that work in Singapore and Sydney, Mumbai and Manila, Tokyo and Taipei recognizing that DEI isn’t one-size-fits-all.
Why This Matters for the Future
Cybersecurity threats don’t discriminate they target vulnerabilities wherever they exist. Our defense must be equally comprehensive, and that requires diverse teams bringing varied perspectives, experiences, and problem-solving approaches.
When we exclude talent based on gender, race, socioeconomic background, or geography, we weaken our collective security posture. When we create inclusive environments where diverse professionals thrive, we strengthen our ability to anticipate threats, design robust defenses, and respond effectively to incidents.
Gratitude and Commitment
Thank you to (ISC)² leadership, Clar Rosso, Dwan Jones, and my fellow Council members for entrusting me with this responsibility. Service on this Council has been among the most meaningful work of my career not because of recognition, but because of impact.
To every cybersecurity professional from an underrepresented background: your perspective matters, your contributions are needed, and organizations like (ISC)² are working to create pathways for you to succeed. The door is opening wider, and we need you to walk through it.
The work continues beyond my term. DEI isn’t a project with an end date it’s an ongoing commitment to building a profession that reflects and serves everyone.
Passionate about diversity in cybersecurity? Let’s connect and explore how we can create more inclusive pathways into this critical profession.
By – Pooja Shimpi | Cybersecurity GRC & AI Governance Advisor
