Gula Tech Foundation Grants $1M to Make Cybersecurity More Diverse

How do we increase diversity, and specifically African-American representation, in the cybersecurity industry? These 11 nonprofits have plans to do just that, and the Gula Tech Foundation is going to award three of them a combined $1 million in grants to help them accelerate their goals. How do we increase diversity, and specifically African-American representation, in the cybersecurity industry? These 11 nonprofits have plans to do just that, and the Gula Tech Foundation is going to award three of them a combined $1 million in grants to help them accelerate their goals. Gula Tech Foundation is a nonprofit, founded by longtime cybersecurity entrepreneurs Ron and Cyndi Gula, to award $1 million in grants to other security nonprofits. In its first competitive grant program, the foundation focused on increasing African-American engagement in cybersecurity, and today it announced the first set of finalists. Some of the nonprofits aim to create a pipeline of cybersecurity professionals and others focus on apprenticeships or classroom training for Black kids. One of the finalists, America On Tech, proposed a mentorship program funded by the Gula Tech Foundation to send African-American cybersecurity professionals into high schools to create better pathways to degrees and careers in technology. “They already have 70 schools they work with, and so the impact that they would be able to make is very appealing,” Cyndi said. “They’re at an inflection point.” Another finalist, Cyber Readiness Institute, helps small to midsized businesses protect their data, employees, vendors, and customers. Its backers include Microsoft and Mastercard, and “its proposal focused on Black-owned businesses and the idea that if you get a small business that is Black-owned to be cyber-resilient, you’re probably going to not only teach them about cybersecurity but probably create leaders,” Ron said. Still another called Girl Security, targets girls and young women, “but they’re not just taking the coding aspect of cybersecurity,” Cyndi said. “They’re really focused on how it impacts policy and law, and all different avenues. It’s not just a one path into cybersecurity. They really attempt to attract people where they are, what their passion is, and then relate that to cybersecurity and grow that further.” Next week, the Gula Tech Foundation will announce the three winners at a virtual awards event on March 9 at 2pm EST with guest speaker Harry Coker, former CIA and NSA senior executive. The first-place winner will receive $500,000, second place will receive $300,000 and third place $200,000. Women and minorities remain woefully under-represented in cybersecurity. Cyndi said the most recent numbers she has seen puts the percentage of African Americans working in cybersecurity between 3% and 7%, which lines up with the International Consortium of Minority Cybersecurity Professionals’ figures. That group says only 6% of STEM workers are African American compared to an overall 11% of the U.S. workforce. “The question is: why? Why are there not more African Americans in cybersecurity? And whether we or other people have answers, we really wanted to give voice to those and be very purposeful as to what we can do to open that up to people in our network, people who are in cybersecurity, and people outside of cybersecurity,” Cyndi said. And while the grants won’t solve the problem of the lack of diversity in cybersecurity, she said she hopes that they will help “invite people into the industry, and amplify the need to really have a conversation, and be purposeful about it.” Being purposeful even included the exact wording for the program: African Americans in cybersecurity instead of Blacks. “We debated, is this increasing Black engagement in cybersecurity or increasing African-American engagement? And we spent some time with the Aspen Institute and others, and they are two different things,” Ron said. Black is a larger umbrella, and this program aims to support Americans of African descent as opposed to recent immigrants from Haiti or Africa or even Black cybersecurity professionals around the globe, he explained. “It’s a complex issue, and we really wanted to make sure that we are very purposeful how we approach this.” The foundation spun out of Gula Tech Adventures, which is the husband-wife team’s firm that invests in for-profit cybersecurity startups. Since 2017, it has invested in more than 40 startups and funds including Automox, Cybrary, Huntress, and Scythe. Before they founded the investment firm, Ron co-founded and served as CEO of Tenable Network Security. Cyndi was Tenable’s first employee and later president of Network Security Wizards. Investing in startups and nonprofits serves a similar goal, Ron said. “The parallel with cybersecurity investing is leveling up people,” he explained. “Giving them, or donating a little bit of money is helpful, but we found that when a private company raises a seed round, or a Series A round, there’s some publicity, there’s a larger network, there’s more competence. And we see this same thing with these cybersecurity nonprofits.” After receiving applications from and assessing “hundreds” of nonprofits, the Gula Tech Foundation Board narrowed the pool down to 11 finalists. America on Tech, an early pipeline technology talent accelerator that prepares the next generation of leaders by creating pathways into degrees and careers in technology. Aspen Institute, which focuses on anti-racism and has years of experience in developing and executing programming on institutional practices and public service. Black Cybersecurity Association, which works to create a multi-generational pipeline of qualified professionals to enter the workplace and has more than 2,000 cybersecurity mentors. Cyber Readiness Institute and its programs to help small to medium-sized businesses become more secure against cyber vulnerabilities. CyberUp, which runs cybersecurity apprentice programs and capture-the-flag style games to give kids and students the confidence and experience to do cybersecurity jobs. Girl Security, which provides multi-disciplinary, equity-informed programming through its SEA Model to secure, empower, and advance girls and young women. Innovation Tech Academy, whose mission is to engage students in a curriculum that promotes appropriate and proper technology use along with digital citizenship. International Consortium of Minority Cybersecurity Professionals, which works to rectify the gaps within cybersecurity by creating a pipeline of qualified candidates by targeting the underrepresented, unemployed, career changers, students, and existing professionals wishing to transition into cybersecurity. Mission Fulfilled 2030, which has a vision to inspire, educate, and activate 100,000 African-American youth. The organization launched a K-12 Young Tech Entrepreneurs Program that engages young Black kids with a variety of programs featuring video games, social media, and cybersecurity. NPower Inc. that offers an advanced cybersecurity program two times per year starting March or July for 100 students. The program is 14 weeks of full-time virtual classroom training followed by 12 weeks of on-the-job training and professional development through a paid internship in the cybersecurity departments of NPower’s corporate partners. University of Maryland Global Campus Foundation, which is designated an NSA/DHS Center for Academic Excellence in Cybersecurity Education. UMGC has participated in several capacity-building grant opportunities that support enhancing the cybersecurity expertise of African American and other underrepresented populations. Whittling the applicant pool down to these 11 finalists wasn’t an easy task. In the process, the board looked for nonprofits and programs that had measurable plans, Cyndi said. One of the questions asked the organizations: what’s your vision of success? If the applicant responded: to get more African Americans in cybersecurity, “I can’t measure that,” she said. “Of course that’s your intent, and that’s a great vision — we all have that vision. But if you said you were going to be training X amount of people, or you’re going to make this type of impact and it was a very measurable, distinct deliverable, that’s what we were looking for.” And the grant process is ultimately about more than simply funding nonprofits, Ron said. It’s also about encouraging the larger cybersecurity industry to engage with these nonprofits by volunteering their own time and people, because diversity is imperative to moving the industry forward. “The cyber industry as a whole does not have a good track record of folks going back and being very purposeful, or saying here’s a way everybody can get involved, whether it’s somebody learning about cybersecurity or somebody who’s an executive. It’s about trying to create a mold for other people to say, hey, I could do that, too.”