Supporting and improving diversity in the UK cyber security sector is a key objective of the UK Cyber Security Council. The Council is committed to overcoming actual or perceived barriers to entry into and progression within the industry.

The Council is committed both to encouraging equality, diversity and inclusion among its workforce and to eliminating unlawful discrimination. The Council aims for its staff and suppliers to be truly representative of all sections of society and our customers, and for every employee, contractor or supplier to feel acknowledged, respected and able to be their best.

The Council is also committed to eliminating unlawful discrimination against its members or the public.

The Council will:

• provide equality, fairness and respect for all in our employment, whether temporary, part-time or full-time
• not unlawfully discriminate because of the Equality Act 2010 protected characteristics of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race (including colour, nationality, and ethnic or national origin), religion or belief, sex and sexual orientation
• oppose and avoid all forms of unlawful discrimination. This includes in pay and benefits, terms and conditions of employment, dealing with grievances and discipline, dismissal, redundancy, leave for parents, requests for flexible working, and selection for employment, promotion, training or other developmental opportunities

The Council commits to:

• encouraging equality, diversity and inclusion in the workplace
• creating a working environment and a cyber security profession free of bullying, harassment, victimisation and unlawful discrimination, promoting dignity and respect for all, and where individual differences and the contributions of all staff are recognised and valued. This commitment includes training all its own staff about their rights and responsibilities under this equality, diversity and inclusion policy. Responsibilities include staff conducting themselves to help the organisation provide equal opportunities in employment, and prevent bullying, harassment, victimisation and unlawful discrimination. More broadly, all cyber security professionals should understand they, as well as their employer, can be held liable for acts of bullying, harassment, victimisation and unlawful discrimination, in the course of their employment, against fellow employees, customers, suppliers and the public.
• take seriously complaints of bullying, harassment, victimisation and unlawful discrimination by fellow employees, customers, suppliers, visitors, the public and any others in the course of the organisation’s work activities. Such acts will be dealt with as misconduct under the organisation’s grievance and/or disciplinary procedures, and appropriate action will be taken. Particularly serious complaints could amount to gross misconduct and lead to dismissal without notice. Sexual harassment may amount to both an employment rights matter and a criminal matter, such as in sexual assault allegations. In addition, harassment under the Protection from Harassment Act 1997 – which is not limited to circumstances where harassment relates to a protected characteristic – is a criminal offence.
• make opportunities for training, development and progress available to all staff, who will be helped and encouraged to develop their full potential, so their talents and resources can be fully realised to maximise the efficiency of the organisation.
• decisions concerning staff being based on merit (apart from in any necessary and limited exemptions and exceptions allowed under the Equality Act).
• review employment practices and procedures when necessary to ensure fairness, and also update them and the policy to take account of changes in the law.
• monitor the make-up of the workforce regarding information such as age, sex, ethnic background, sexual orientation, religion or belief, and disability in encouraging equality, diversity and inclusion, and in meeting the aims and commitments set out in the equality, diversity and inclusion policy. Monitoring will also include assessing how the equality, diversity and inclusion policy, and any supporting action plan, are working in practice, reviewing them annually and considering and taking action to address any issues.

This equality, outreach and diversity policy is fully supported by the Trustees and Leadership Team of the UK Cyber Security Council.

Use of the Council’s grievance and/or disciplinary procedures does not affect any party’s right to make a claim or other complaint within three months of the alleged discrimination nor any other statutory right that may apply.

The UK Cyber Security Council is registered as a Charity in England & Wales (number 1195030).