Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Careers & People

5/29/2019
10:30 AM
Nineveh Madsen
Nineveh Madsen
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv
50%
50%

Why Fostering Flexibility Is a Win for Women & Cybersecurity

Creating a culture of supporting and advancing women is no small feat, but it's worth the challenge. Start with yourself. Here's how.

Affecting change within an organization can feel like pushing a giant boulder up a hill. The temptation is to put your head down and get the work done. Sometimes it also means flexing some underused muscles, which means we have to do things differently and be willing to take risks.

The statistics below showcase where women stand within cybersecurity, the technology industry, and in general professional jobs right now. Women make up more than half of the population and hold 51.5% of all professional jobs. The foundation may be strong, but here's where we need improvement:

In cybersecurity, the numbers are even worse. There's a massive shortage of cyber jobs, yet women make up only 20% of the cybersecurity workforce. One way to change the numbers is to change the way we work. This means providing women the flexibility to get things done from home and, yes, sometimes even when the kids are there.

Work-Life Balance
The majority of women working in IT believe that having a family places them at a disadvantage professionally, according to a 2018 Harvey Nash Women in Technology report. Why then, with so many technology tools available to connect us globally, are we still required to show up in the office every day from 9 to 5, or longer? As an executive at a cybersecurity company, I work remotely, with the trade-off that I must travel to our headquarters from time to time. Still, as part of a mostly remote team, we are consistently delivering very positive results.

Conversely, when companies fail to trust teams with the flexibility of working remotely, they are losing out on significant opportunities. It's time to ditch demeaning work cultures and change how business gets done so women and men are able to choose family and career.

My experience in the cybersecurity field is unique because I work for a company that embraces remote work; however, it hasn't come without challenges. Working in a male-dominated industry among a male-dominant executive team means broaching uncomfortable topics.

The team was flexible with my maternity leave in 2018 and open about giving me as much time as I needed. But I still had to educate the male staff about breastfeeding, why travel was out of the question for the first six months of my daughter's life, and why sometimes I had to rearrange meetings due to pumping sessions. I chose to provide explanations because I don't think enough women are sharing this information.

Women in cybersecurity are slowly starting to make inroads, according to several recent studies. But there are still many institutional barriers, such as burnout, lack of career advancement opportunities, and an industry culture of sexism. Another reason for the continuing gender disparity in our industry is because security professionals are not willing to talk about many real, practical issues that get in the way. In my case, I found my male colleagues to be receptive to my candor. Now I'm proud to say we've added another female executive to the team, which is a testament to how contributing to the conversation can help change the numbers.

Lessons Learned
When you're intentional about your goals, you will get there in time. But it doesn't happen overnight. Here are some valuable lessons I've learned: 

  • Be your own champion. Ask for the respect and for the salary, but be willing to put in the hard work required. Your boss is more likely to trust you with a flexible work model if your work ethic is unwavering.
  • Don't let the stumbling blocks discourage you. When it comes to our careers, the pressure to be perfect often leads us to be far too conservative with our aspirations. Instead, be brave! Your stumbling blocks will be moments in your career that highlight your perseverance.
  • Advance yourself so that you can advance other women. The Harvey Nash survey found that 31% of women in tech left their last job because they had no opportunities for advancement. Advancement happens when you take initiative. Don't wait for it. Instead, create the opportunity you're seeking.

What have you seen that helps champion women? Have you been with a company that did this well? Ask yourself these questions, and if the answers fall short, take time to discover why. Creating a culture of supporting and advancing women is no small feat, but it's worth the challenge. Start with yourself.

Related Content:

Nineveh Madsen is an executive at OpenVPN, a provider of next-gen secure and scalable communication services. The company's VPN protocol is the standard in the open source networking space with over 50 million downloads since inception. Before making the transition into the ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
dirtyjoe78
100%
0%
dirtyjoe78,
User Rank: Apprentice
5/29/2019 | 11:26:17 AM
Flexibility lowest in infosec
Felxibility in operational security is low in the vast majority of companies.  They will let cloud operations, Networking even HR have work from home days or flexible schedules.  Infosec has very rigid schedules with no flexibility.  Disaster recovery plan is to work from a remote location but that will never get tested for infosec and don't even think about asking.  It would be beneficial to everyone including enticing new talent into infosec if there was more flexibility.  Issues like this are not gender specific and have benefits for everyone in infosec.
REISEN1955
100%
0%
REISEN1955,
User Rank: Ninja
5/29/2019 | 12:21:34 PM
Re: Flexibility lowest in infosec
Everyone thinks IT is just programming or web page design.  There is so much more to it and beyond server support ... which leads us to Info security.  Management though has an outsource opinion of most IT functions so a career option for an entry level position is dangerous.  I have been outsourced out of a great job to be replaced by kids who delivered pizza.  True.  So new talent coming in is rare and again often think it is programming, code support and such.  InfoSec is the career solid choice right now and it is not being - for the time being - outsourced the way nominal It functions are.  Pay is better too.  And this is not a sex-specific issue.  We need GOOD TALENT whether male or female.   Right now. 
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
5/31/2019 | 3:21:24 PM
Flexibility through Automation
Flexibility is definitely a win especially in the current professional climate. The typical 9-5 butt in seat mentality is being overwritten thanks to technology. As a InfoSec Engineer, I have made it my credo to automate as much as I can to ensure that I am focusing on the most important facets of my job. I think due to this it has afforded me the ability to be remote because I am continuing to perform at a high level. 

I find that with this benefit, I am more motivated to give it my all whether in or out of the office because you don't feel trapped within a dead end job.
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
7 Tips for Infosec Pros Considering A Lateral Career Move
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2020
For Mismanaged SOCs, The Price Is Not Right
Kelly Sheridan, Staff Editor, Dark Reading,  1/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment:   It's a PEN test of our cloud security.
Current Issue
IT 2020: A Look Ahead
Are you ready for the critical changes that will occur in 2020? We've compiled editor insights from the best of our network (Dark Reading, Data Center Knowledge, InformationWeek, ITPro Today and Network Computing) to deliver to you a look at the trends, technologies, and threats that are emerging in the coming year. Download it today!
Flash Poll
How Enterprises are Attacking the Cybersecurity Problem
How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7245
PUBLISHED: 2020-01-23
Incorrect username validation in the registration processes of CTFd through 2.2.2 allows a remote attacker to take over an arbitrary account after initiating a password reset. This is related to register() and reset_password() in auth.py. To exploit the vulnerability, one must register with a userna...
CVE-2019-14885
PUBLISHED: 2020-01-23
A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP log file when executing a JBoss CLI 'reload' command. This flaw can lead to the exposure of confidential information...
CVE-2019-17570
PUBLISHED: 2020-01-23
An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue...
CVE-2020-6007
PUBLISHED: 2020-01-23
Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code execution.
CVE-2012-4606
PUBLISHED: 2020-01-23
Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges.