Comments
Want Your Daughter to Succeed in Cyber? Call Her John
Newest First  |  Oldest First  |  Threaded View
frk055
50%
50%
frk055,
User Rank: Apprentice
5/21/2018 | 12:37:07 PM
Changing perceptions and realities in cyber security
 

Rob Clyde with ISACA recently noted their research on the topic: https://www.linkedin.com/pulse/isaca-data-diversity-issues-rob-clyde/

"An overall 31-point gap was found when it came to male and female perceptions of career advancement opportunities for women, compared to a 10-point gap for those with diversity programs in place within their organization"

If there continues to be a perception that women do not have the same advancement opportunities as men in IT and cyber security, fewer are likely choose to pursue it as a career path. ISACA research data indicates that programs may help or at least change perceptions about advancement opportunities. Programs are a start, but I do not think that they alone can drive the shift that is needed. The points raised about merit and hiring the best candidate are solid ones, yet there's a need for cyber security leaders take action to address both the perceptions and realities of the issue so that we have a larger talent pool of both women and men to fill the need for cyber security professionals.

Full report from ISACA at: https://cybersecurity.isaca.org/state-of-cybersecurity

 
JohnDeSantis
80%
20%
JohnDeSantis,
User Rank: Author
5/19/2018 | 1:13:18 PM
Re: A problem where there isn't one
"If more men/women applied for these jobs then there wouldn't be a problem" is a very tired argument that has been used to justify racial, gender, foreign origin and religious imbalances for years. I believe we instinctively tend to follow our embedded tribal/family traditions and learnings to follow careers and callings that feel comfortable to us and to go to places where we feel we belong. Maybe it's a survival thing. When one of my children went to college, one of the most interesting bits of advice he got for picking a major was this: look left, look right, are these the people you want to spend the rest of your life working with? In other words, do you feel you belong in this field? The point of the writing was to make more talented women feel that they could belong - and even thrive - if they were moved and/or attracted to the space, and that there were role models, mentors and sponsors that would help them find a path there. In spite of any tribal, family upbringing bias', or education choices made in the past, they could take a leap and belong to this new and exciting field full of opportunity and exciting prospects.
Surfer808
100%
0%
Surfer808,
User Rank: Apprentice
5/18/2018 | 8:01:39 PM
Re: A problem where there isn't one
I agree 100% that if a man or woman does not have the minimum technical skills to perform an IT security job AND they are not trainable under your coaching/teaching/mentoring, then you are setting him/her up for ultimate failure in the position.


That being said, good security talent is challenging to find. It is incumbent upon good leaders and good companies to seek out a broad, diverse & highly qualified pool of applicants. Most innovative security companies I know are reaching early into academia to seek out the best & brightest, they look to social media to find who is an expert in the area they're pursuing. With this, you get a diversity of opinion on how to address problems and find solutions to propel your organization forward. Without it, you will be stuck in group think and continue to plow down the same rut in your journey.

BTW, RAID is high-reliability storage that divides and replicates data amongst drives in a group. For brevity, RAID1 is primarily used for heavy processing requirements while RAID5 is more used for transactional applications. RAID was introduced in the 1980's when I was in elementary school. Personally, I am more a supporter of the emerging technology like FEC which does away with the arcane issues with RAID storage. Now that's a useful debate.
JasonTLouis
100%
0%
JasonTLouis,
User Rank: Apprentice
5/18/2018 | 5:56:47 PM
Re: A problem where there isn't one
So, all men and women like the exact same things? When I hear someone say men and women like different things, it isn't an all or nothing issue. It's an "in general" type of situation. You could say more women prefer to go into the social work field because that field tends to be dominated by women. Same thing with nursing or teaching to some extent.

Most people can look at these surveys and agree that the ratio of men to women in the tech field is nowhere near even. I don't think we will EVER achieve that. I'm all about merit. I don't really care who you are, if you're good at what you do, that's all that matters to me.

The gender pay gap is an interesting issue. When we look at these studies, it takes everyone and then averages it out. It also looks at maternity leave, taking more part time jobs, etc, to raise a family. It's being blatantly disingenuous to not mention that when it comes to the pay gap. All these surveys take that into account as to why many women are paid less than men in the same career field. Now, I'm not saying there could be cases where women are just paid less, but the majority of these surveys look at everything with regards to pay, including time you take off. Most men do not take any kind of maternity leave. You also have many women not taking more stressful or demanding jobs because of family related things. This obviously doesn't apply to all but whenever you read an article about the pay gap, they NEVER include how they came to those conclusions and what variables are included. You have to look at the methodology to figure out how they came to those conclusions. Just looking at a graph that says women are paid less is fooling yourself if all these companies are illegally paying people less because of their gender. Remember, there are federal and state laws against that kind of behavior.

At the end of the day, more men than women enroll in tech oriented programs. More men than women are looking for tech related jobs. More men than women are wanting to get into the tech field. Security included. That probably won't change anytime soon. What needs to change is starting at the family/education level and removing all stigmas around women in tech or "encouraging" someone to not get into that field due to their gender. They need to realize it doesn't matter, just be good at what you do and you will succeed.
cengel3
50%
50%
cengel3,
User Rank: Apprentice
5/17/2018 | 2:40:47 PM
Re: A problem where there isn't one
Same experience from my perspective with nearly 30 years in IT. It's been a few years since the last time I hired a direct report, however, when I did only about 10 percent of the resumes I got for the position were female. We did a basic skills competency test for all applicants that looked reasonably qualified and of the few women who came in to do the test, not one scored a passing grade. The male applicants didn't do all that stellar either, but at least a few passed.

The test was pretty basic, there was nothing "gender biased" about it.... either an applicant knows what the difference between RAID1 and RAID5 is or they don't.

The simple solution, if you want more females working in IT, have more qualified females apply for jobs in IT.

 

 
Kelly Jackson Higgins
80%
20%
Kelly Jackson Higgins,
User Rank: Strategist
5/17/2018 | 8:49:35 AM
Re: A problem where there isn't one
I have to strongly and respectfully disagree with you, @gmax28. First off, your presumption that men and women "like different things" literally echoes the underlying societal problem here. That's a fallacy that has been propagated by generations of outdated mindsets about women's "roles" in the workforce. You probably haven't seen a woman "restricted, disregarded or prevented" in or from an IT or infosec job because you are a man who hasn't experienced the same hurdles and pay gap issues. Dismissing the gender and diversity issue as a nonissue is a systemic problem and is one of the reasons why we are still grappling with a gender and diversity gap in security. The goal is to give everyone a fair shake to contribute to this massive and critical industry that can't keep up with the demand for people to fill its jobs.
gmax28
57%
43%
gmax28,
User Rank: Apprentice
5/16/2018 | 12:31:39 PM
A problem where there isn't one
I've been in IT for over 20 years now.  Not once have I seen a time where a woman was restricted, disregarded, or prevented in any way from an IT job, much less Infosec.  The FACT is that men and women LIKE DIFFERENT THINGS.  Where is the concern that 80% of teachers are women?  I don't see articles on 'How Do We Get More Men into Education."   This is just another liberal cause and this guy is falling right in line with it.  The reason there aren't more women in IT, BECAUSE THEY DON'T WANT TO.  Problem solved!  And it didn't take a CEO solve it... as usual. 


Google Engineering Lead on Lessons Learned From Chrome's HTTPS Push
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
White Hat to Black Hat: What Motivates the Switch to Cybercrime
Kelly Sheridan, Staff Editor, Dark Reading,  8/8/2018
PGA of America Struck By Ransomware
Dark Reading Staff 8/9/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Now about that mortgage refinance offer from Wells Fargo .....
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-6970
PUBLISHED: 2018-08-13
VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and prior before 4.8.1) contain an out-of-bounds read vulnerability in the Message Framework library. Successfully exploiting this issue may allow a less-privileged user to leak information from a privil...
CVE-2018-14781
PUBLISHED: 2018-08-13
Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723 Paradigm Revel, 523K / MMT - 723K Paradigm Revel, and 551 / MMT - 751 MiniMed 530G The models identified above, when paired with a remote controller and having the "easy bolus" and "remote bolu...
CVE-2018-15123
PUBLISHED: 2018-08-13
Insecure configuration storage in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version -118 allows remote attacker perform new attack vectors and take under control device and smart home.
CVE-2018-15124
PUBLISHED: 2018-08-13
Weak hashing algorithm in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version -118 allows unauthenticated attacker extract clear text passwords and get root access on the device.
CVE-2018-15125
PUBLISHED: 2018-08-13
Sensitive Information Disclosure in Zipato Zipabox Smart Home Controller allows remote attacker get sensitive information that expands attack surface.