CUSTOMER CASE STUDY

A Creative Solution from Discernible Helps Twilio’s Security Team Increase Community Engagement

The hiring market for cybersecurity talent remains extremely tight, with companies of all sizes competing for a limited pool of experienced security professionals. The current cybersecurity workforce gap is estimated to be 3.4 million globally, and it’s growing every year.  This trend will only continue, which means companies must expand their reach to find potential new hires - which includes attracting people with non-security backgrounds or candidates who aren’t currently considering a career in cybersecurity. 

In a climate like this, one of the most effective ways to do this is through an organization's existing staff.  Through speaking engagements, blogs, podcasts and other outreach, they can be a very effective megaphone for your company and help create a compelling case as to why security experts and other talented professionals should consider a position in your organization.

The Challenge

When she led the Security organization at Twilio, Coleen Coolidge understood the advantage of having current employees participate in speaking events, podcasts, blogging, and internal communications. This was part of her DNA - and the culture of the last company she worked at. She used this “security ambassador” strategy to great effect in her previous role as the CISO of the customer data platform company Segment. When Segment was acquired by Twilio, she wanted to replicate that approach to recruit high caliber cybersecurity staff to help protect Twllio’s sprawling businesses.   

However, at Twilio, the Security organization was larger, and external engagement from most of the teams wasn’t happening regularly. In addition, the organization included teams across the spectrum of security - including product and cloud security, risk and compliance, incident response, etc. So while there were a number of talented people solving a range of tough security problems, only a handful of them were sharing their expertise and experience externally. In turn, this made it even harder to find and connect with potential new hires.

“Security people care about who they work with and they want to work with smart people who challenge them,” according to Coolidge.

She and her leadership team understood this was partly a cultural problem and partly a process challenge. Many were reluctant to get involved in external brand and community engagement because:

• They didn’t feel they had the expertise or experience necessary to be “out there” publicly talking about how they were solving security problems

• They were reluctant to ask for support or guidance to get more involved

• There was no easy-to-find, single source of truth for what activities were happening, what opportunities were available and who was doing what, where, and on what topic, which made it difficult for leadership to consistently recognize and reward these efforts

Coleen and her Program Lead, Lilah Knight, who spearheaded the effort to find a solution, knew that if they were to be able to share Twilio’s great work and engage with the broader security community - and potential candidates - they needed a frictionless solution to nurture a pipeline of advocates to get the word out.

The Solution

Discernible was brought in to find a creative and easily deployable solution to entice people from across the Security organization to speak, blog, and generally share the good work the teams were doing and engage more deeply with their cohort outside the company. 

At Discernible, we frequently see security teams and communications teams struggle to organize, assign, and track external - and even internal - engagement opportunities. If it happens at all, it often involves sifting through emails and spreadsheets, and requires hours of manual labor. 

Our approach to solving this challenge for Twilio was to “meet people where they are.” For their organization, that was on Slack. That’s where the security teams were already communicating with each other and their senior leadership on a regular basis. Rather than create yet another platform or deploy an out-of-band tool to post opportunities and track engagement, we wanted to leverage what already existed, both culturally and technologically.

“Everyone was already on Slack and using it as an internal comms tool,” recalls Knight. “Discernible’s idea was to build a specialized Slack workflow and channel that could help automate the process end-to-end, from sharing the external engagement opportunities with the Security organization, all the way to automatically populating a tracker of completed engagements across all channels. We didn’t just want to make sure the team’s hard work was counted, we also wanted to understand trends among different teams, topics, and opportunities.”

The solution needed to achieve several goals:

• Automate the many steps involved in identifying, assigning, executing, and tracking external engagements

• Incentivize participation and overcome the current reluctance to be involved 

• Leverage experienced and interested team members as mentors and coaches

• Create a sustainable, single source of truth for existing and completed external engagements

• Give team leads oversight of which projects were shared externally and provide supporting details for individual performance reviews

To meet these goals, Discernible built and deployed a custom Slack workflow that automated the steps involved in Twilio’s external engagement process and included key elements to attract more participation. Specifically:

Smart Sequencing:  To support team members at various stages of an engagement, Discernible built the Slack workflow to respond with customized actions based on the individual’s stated purpose. For example, team members with an upcoming engagement could trigger the company’s necessary content review process by responding to the channel’s pinned post with a particular emoji. Responding with different emojis would trigger a different sequence of actions for team members who needed to document manager approvals or who wanted to schedule a dry run with members of their team. 

Engaged Mentors: A key blocker to greater participation was that often, employees weren’t confident that a topic they would like to speak about was valid or interesting. Or, if they selected an available topic, if they could speak to it appropriately. To overcome this, Discernible integrated a team of mentors into the process, who would sign up through the new Slack workflow to assist and guide fellow team members through the process. The new Slack workflow made engaging with a mentor to keep the momentum going easy. For example, an engagement opportunity would be posted, someone would express interest in the channel and that would automatically trigger an action in the mentor channel. A mentor would then sign up to assist and a message would automatically be sent to the team member who requested a mentor. 

Leif Dreizler, who was a security engineering manager at Twilio, was already acting as a reviewer/mentor when this solution was introduced.  “It definitely made the whole process a lot easier because before, there was a lot of messaging back and forth, and people asking the same questions over and over. And, no easy way to track it all,” Dreizler said. “The Slack solution made the whole system much more efficient.” 

Automated tracking:  The Slack channel was connected to Google Sheets and would automatically populate it with existing and completed opportunities - including all of the key details around topic, channel, dates, content, etc.  “It solved the pain of having all of this information living in random places,” recalls Knight.  “And we could filter by team, topic, and other criteria to get an accurate picture of our outreach and engagement across the organization.”

Results

Coolidge’s goal was to increase participation across ALL teams within her organization. “We integrated a communications and leadership pillar into our OKRs,” she recalls.  “The objective was to have current staff synthesize and talk about the types of security problems we were solving at Twilio, in order to attract the people we needed to help solve those problems.”

Knight says there was a notable increase in external engagement as a result of the deployed solution.

“We saw an increase in people using external branding efforts and people started using the new workflow and channels right away,” she recalls. “It eliminated the fear that people had about going out and doing this on their own. People felt safe looking in the channel for opportunities because they knew they would get the support they needed.”

For Coolidge, who was in a demanding leadership position with little time to spare, Discernible’s simple, yet powerful solution made a real difference. “I had never seen this process operationalized before. Discernible was able to take the whole process and build a sequential workflow, all the way from ‘I’m thinking about speaking or blogging’ to actually doing it,” she said. “It also ended up saving me and my team a lot of time, and for that, I’m incredibly thankful.” 

Coolidge, Knight, and Dreizler have since moved on from Twilio, each taking what they learned and experienced with Discernible into their new roles. We look forward to working with them on the next evolution of their journey.