Operations
6/6/2014
05:32 PM
Marilyn Cohodas
Commentary

Dark Reading Radio: Breaking the Glass Ceiling in InfoSec

Join the discussion about the challenges and rewards of being a woman in IT security from the vantage point of three accomplished security professionals. Wednesday, June 11, 2014 at 1:00 p.m. ET

"Lean in," says Facebook COO Sheryl Sandberg in her best-selling 2013 book of the same name, which advises women on how to shatter glass ceilings in tech and other male-dominated industries. But, as any woman in tech will tell you, the challenges today are daunting.

The numbers say a lot, especially in a field where there is a gigantic skills shortage: According to the recently released InformationWeek IT Salary Survey, women hold only 14% of security staff positions and just 10% of management roles, and female managers earn about $27,000 less than their male counterparts.

Even more disconcerting is research from the Center for Talent Innovation, which reports that while roughly 50% of STEM program graduates are women, women working in high-tech fields are 45% more likely than their male peers to leave the industry within a year of entering it.

In our next episode of Dark Reading Radio on Wednesday, June 11, 2014 at 1:00 p.m. ET (10:00 a.m. PT), I’ll be leading a panel discussion about the challenges and opportunities for women in IT security. In addition to the issues of the gender gap and pay equity, we'll be talking about the psychic rewards of a career in the security field -- things like learning, camaraderie, and fighting the good fight. Our panelists will also share some of their hard-earned wisdom about how to get ahead in a man's world.

Let me tell you a little bit about our guest speakers:

Lysa Myers began her tenure in malware research labs in the weeks before the Melissa virus outbreak in 1999. Over the years, Lysa has worked both within antivirus research labs, finding and analyzing new malware, and within the third-party testing industry to evaluate the effectiveness of security products. As a Security Researcher for ESET, she currently focuses on providing practical analysis of and advice on security trends and events.

Marisa Fagan is a community manager at Bugcrowd where she oversees 7,000 security researchers. Before that, Marisa was a member of the Facebook product security team responsible for the Facebook Bug Bounty, and she managed penetration testing and research projects at Errata Security. Marisa is a co-founder of the Bay Area hacker con, BayThreat, in Mountain View, Calif.

Kerstyn Clover is a consultant on the SecureState Attack and Defense Team, where she works with a broad range of organizations across a variety of industries on security assessments including incident response, forensic analysis, and social engineering.

I hope you’ll join us on Wednesday for what promises to be an exciting discussion about opportunities in the security industry from the vantage point of three professional women with stellar resumes and a passion about their work. You can post your comments below or bring them to the Dark Reading radio studio. I look forward to seeing you there. 

Marilyn has been covering technology for business, government, and consumer audiences for over 20 years. Prior to joining UBM, Marilyn worked for nine years as editorial director at TechTarget Inc., where she launched six Websites for IT managers and administrators supporting ...
Comments
Marilyn Cohodas,
User Rank: Strategist
6/12/2014 | 10:00:08 AM
Thanks to all for a fantastic radio show and discussion.
You can still listen to the broadcast and read (and add to) the commentary. Just go to our Dark Reading Radio studio and start the audio player.
Marilyn Cohodas,
User Rank: Strategist
6/11/2014 | 10:54:36 AM
Link to the Radio Show
We're just a few hours away from today's Radio Show. Here's the link to our studio where you can listen to the panel discussion and chat live with your peers. 

http://www.darkreading.com/radio.asp?webinar_id=93

See you at 1 pm ET/10 am PT. 
Marilyn Cohodas,
User Rank: Strategist
6/10/2014 | 3:52:21 PM
Re: Question to the Panelists
Looking forward to "seeing" some new names & "faces" tomorrow for our Radio Show but if our date and time doesn't fit into your schedule please be sure to post your comments or questions here. Of course, we are an equal opportunity radio broadcast so if you aren't a woman in IT but work with one, are friends with one, or are related to one, we welcome you to the discussion as well.
Marilyn Cohodas,
User Rank: Strategist
6/9/2014 | 11:50:19 AM
Re: Question to the Panelists
Thanks for the clarifications. I'll make sure that gets asked during the broadcast or text chat on Wednesday. I hope you can make it -- then you can ask it yourself.

Marilyn
SecOpsSpecialist,
User Rank: Strategist
6/9/2014 | 11:48:08 AM
Re: Question to the Panelists
Marilyn,

What I'm asking specifically is in their experience, they may have run into the perpetual issue where others in the field, or customers, do not believe that they have the technical chops to know what they are talking about, as such, how have they dealt with that adversity? What did they do to overcome it? How did they not let it bother them?

 

Sorry, should have been a touch more specific.
Marilyn Cohodas,
User Rank: Strategist
6/9/2014 | 11:41:47 AM
Re: Question to the Panelists
Thanks for your comment and question @SecOpsSpecialist.  I'm a little unclear about what you are asking. Do you mean your male colleagues don't think you have the appropriate knowledge and understanding of the job and the underlying technology? 

 
SecOpsSpecialist,
User Rank: Strategist
6/9/2014 | 11:21:46 AM
Question to the Panelists
As a female security professional, I've been finding this one common theme in the computer STEM field:

Women are not expecting to know anything about their job or how a computer works.

 

As women in the Security field and the computer field which is male-dominated, how do you respond when you have to interact with someone who clearly views you as inferior to them? How do you get around it?
Marilyn Cohodas,
User Rank: Strategist
6/9/2014 | 9:38:59 AM
Re: Lysa Myers
Thanks for your comment, @christianbryan! This is indeed a great panel and it's one that is open to everyone -- not just for women in InfoSec. Fathers, brothers and colleagues of women in InfoSec. Please come and add your voice and views to the discussion.

 
Christian Bryant,
User Rank: Ninja
6/7/2014 | 10:10:23 AM
Lysa Myers
I look forward to this, especially for Lysa Myers.  I've been following her writing and enjoy her style.  This is a great panel and, as I've noted in the past, as a father of daughters - one of whom is demonstrating high-tech abilities already - I'm really happy to see role models out there to reference if either of my girls chooses a professional path in tech.