Operations
6/6/2014
05:32 PM
Marilyn Cohodas
Marilyn Cohodas
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
50%
50%

Dark Reading Radio: Breaking the Glass Ceiling in InfoSec

Join the discussion about the challenges and rewards of being a woman in IT security from the vantage point of three accomplished security professionals. Wednesday, June 11, 2014 at 1:00 p.m. ET

"Lean in," says Facebook COO Sheryl Sandberg in her best-selling 2013 book of the same name, which advises women on how to shatter glass ceilings in tech and other male-dominated industries. But, as any woman in tech will tell you, the challenges today are daunting.

The numbers say a lot, especially in a field where there is a gigantic skills shortage: According to the recently released InformationWeek IT Salary Survey, women comprise only 14% of security staff positions, just 10% of management roles, and female managers earn about $27,000 less than their male counterparts.  

Even more disconcerting is research from the Center for Talent Innovation, which reports that while roughly 50% of STEM program graduates are women, women working in high-tech fields are 45% more likely than their male peers to leave the industry within a year of entering it.

In our next episode of Dark Reading Radio on Wednesday, June 11, 2014 at 1:00 p.m. ET (10:00 a.m. PT), I’ll be leading a panel discussion about the challenges and opportunties for women in IT security. In addition to the issues of the gender gap and pay equity, we'll be talking about the psychic rewards of a career in the security field -- things like learning, camaraderie, and fighting the good fight. Our panelists will also share some of their hard-earned wisdom about how to get ahead in a man's world.

Let me tell you a little bit about our guest speakers:

Lysa Myers began her tenure in malware research labs in the weeks before the Melissa virus outbreak in 1999. Over the years, Lysa has worked both within antivirus research labs, finding and analyzing new malware, and within the third-party testing industry to evaluate the effectiveness of security products. As a Security Researcher for ESET, she currently focuses on providing practical analysis and advice of security trends and events.

Marisa Fagan is a community manager at Bugcrowd where she oversees 7,000 security researchers. Before that, Marisa was a member of the Facebook product security team responsible for the Facebook Bug Bounty, and she managed penetration testing and research projects at Errata Security. Marisa is a co-founder of the Bay Area hacker con, BayThreat, in Mountain View, Calif.

Kerstyn Clover  is a consultant on the SecureState Attack and Defense Team, where she works with a broad range of organizations across a variety of industries on security assessments including incident response, forensic analysis, and social engineering.

I hope you’ll join us on Wednesday for what promises to be an exciting discussion about opportunities in the security industry from the vantage point of three professional women with stellar resumes and a passion about their work. You can post your comments below or bring them to the Dark Reading radio studio. I look forward to seeing you there. 

Marilyn has been covering technology for business, government, and consumer audiences for over 20 years. Prior to joining UBM, Marilyn worked for nine years as editorial director at TechTarget Inc., where she launched six Websites for IT managers and administrators supporting ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
6/12/2014 | 10:00:08 AM
Thanks to all for a fantastic radio show and discussion.
You can still listen to the broadcast and read (and add to the commentary. Just go to our Dark Reading Radio studio and start the audio player. 
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
6/11/2014 | 10:54:36 AM
Link to the Radio Show
We're just a few hours away from today's Radio Show. Here's the link to our studio where you can listen to the panel discussion and chat live with your peers. 

http://www.darkreading.com/radio.asp?webinar_id=93

See you at 1 pm ET/10 am PT. 
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
6/10/2014 | 3:52:21 PM
Re: Question to the Panelists
Looking forward to "seeiing" some new names & "faces" tomorrow for our Radio Show but if our date and time doesn't fit into your schedule please be sure to post your comments or questions here. Of course, we are an equal opportunity radio broadcast so if you aren't a woman in IT but work with one, are friends with one, or are related to one, we welcome you to the discussion as well.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
6/9/2014 | 11:50:19 AM
Re: Question to the Panelists
Thanks for the clarifications. I'll make sure that gets asked during the broadcast or text chat on Wednesday. I hope you can make it -- then you can ask it yourself.

Marilyn
SecOpsSpecialist
50%
50%
SecOpsSpecialist,
User Rank: Strategist
6/9/2014 | 11:48:08 AM
Re: Question to the Panelists
Marilyn,

What I'm asking specifically is in their experience, they may have run into the perpetual issue where others in the field, or customers, do not believe that they have the technical chops to know what they are talking about, as such, how have they dealt with that adversity? What did they do to overcome it? How did they not let it bother them?

 

Sorry, should have been a touch more specific.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
6/9/2014 | 11:41:47 AM
Re: Question to the Panelists
Thanks for your comment and question @SecOpsSpecialist.  I'm a little unclear about what you are asking. Do you mean your male colleagues don't think you have the appropriate knowledge and understanding of the job and the underlying technology? 

 
SecOpsSpecialist
50%
50%
SecOpsSpecialist,
User Rank: Strategist
6/9/2014 | 11:21:46 AM
Question to the Panelists
As a female security professional, I've been finding this one common theme in the computer STEM field:

Women are not expecting to know anything about their job or how a computer works.

 

As women in the Security field and the computer field which is male-dominated, how do you respond when you have to interact with someone who clearly views you as inferior to them? How do you get around it?
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
6/9/2014 | 9:38:59 AM
Re: Lysa Myers
Thanks for your comment, @christianbryan! This is indeed  great panel and it's one hat is open to everyone -- not just for women in InfoSec. Fathers, brothers and colleagues of women in InfoSec. Please come and add your voice and views to the discussion.

 
Christian Bryant
100%
0%
Christian Bryant,
User Rank: Ninja
6/7/2014 | 10:10:23 AM
Lysa Myers
I look forward to this, especially for Lysa Myers.  I've been following her writing and enjoy her style.  This is a great panel and, as I've noted in the past, as a father of daughters - one of whom is demonstrating high-tech abilities already - I'm really happy to see role models out there to reference if either of my girls chooses a professional path in tech.
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
10 Recommendations for Outsourcing Security
10 Recommendations for Outsourcing Security
Enterprises today have a wide range of third-party options to help improve their defenses, including MSSPs, auditing and penetration testing, and DDoS protection. But are there situations in which a service provider might actually increase risk?
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7407
Published: 2014-10-22
Cross-site request forgery (CSRF) vulnerability in the MRBS module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVE-2014-3675
Published: 2014-10-22
Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet.

CVE-2014-3676
Published: 2014-10-22
Heap-based buffer overflow in Shim allows remote attackers to execute arbitrary code via a crafted IPv6 address, related to the "tftp:// DHCPv6 boot option."

CVE-2014-3677
Published: 2014-10-22
Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption.

CVE-2014-3828
Published: 2014-10-22
Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 allow remote attackers to execute arbitrary SQL commands via (1) the index_id parameter to views/graphs/common/makeXML_ListMetrics.php, (2) the sid parameter to views/graphs/GetXmlTree.php, (3) the session_id...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.