Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Comments
Women In Security: We've Still Got A Long Way To Go, Baby
Threaded  |  Newest First  |  Oldest First
Marilyn Cohodas
Marilyn Cohodas,
 User Rank: Strategist
5/23/2014 | 11:01:13 AM
Great column and thanks for sharing
What struck me in your blog was the reference from The Atlantic cover story "The Confidence Gap." You wrote that there is evidence that "success, it turns out, correlates just as closely with confidence as it does with competence,"

It took me more than 50 years on this earth to realize that I was just as competent as many of my male peers in journalism. But the guys were always more confident about taking risks -- even for jobs they were barely competent in. It's something we gals need to keep in mind when considering opportunities that will make us stretch.

 

 
Sara Peters
Sara Peters,
 User Rank: Author
5/23/2014 | 11:22:34 AM
Re: Great column and thanks for sharing
@Marilyn  It's so true! Another thing in The Atlantic story was that women only asked for promotions when they were sure that they fulfilled 100% of the job requirements. Men asked when they fulfilled only 50%.
RetiredUser
RetiredUser,
 User Rank: Ninja
5/23/2014 | 4:45:32 PM
FOSS and Women
As the father of two daughters, I take a real close look at the communities I'm a part of.  I'm thankful to be part of the Free and Open Source (FOSS) communities because I am always running into smart female hackers who work in the industry.  I don't claim that everything is perfect, but when I'm at the Southern California Linux Expo (SCALE) I'm constantly impressed by how many more professional women there are every year; and I'm not just talking about LinuxChix Los Angeles (who I love to death) but every other booth I stop at reflects a new dynamic from the stuffy male-driven conferences of the past. 

Now, I'm not saying that corporate IT environments and underground cyber communities are worse than FOSS when it comes to female equality (I can name many women in both thos environments that probably have set the tone for future increased female participation), but I have found that FOSS communities shine with smart and respected female hackers. 

As has always been the hacker tradition, I say "show me the code" should be the measuring stick in IT and whatever the gender, religion, sexual identity of the hacker in question, the code rules.  Maybe if we can follow that rule of thumb we can put bias of all types in IT behind us and start having more fun!

I hope we get there soon, too - my daughter turns seven soon and she's already got all the signs of being a great FOSS hacker.  She is currently editing her LibreOffice "Nature Explorer" database on her gNewSense-driven laptop with dreams and potential I never had at that age. 

Happy gender-neutral hacking!

 
Sara Peters
Sara Peters,
 User Rank: Author
5/27/2014 | 10:23:55 AM
Re: FOSS and Women
@christianabryant  Thank you for the info and for being such a responsible dad to daughters! Hopefully they'll find the same supportive environment in the IT world as they get older.
anon9675841497
anon9675841497,
 User Rank: Apprentice
5/24/2014 | 1:47:26 PM
No problem
"there is a gender problem in IT"

 

No, there isn't. Why is it no one is writing stories about the "gender problem" with kindergarten teachers? Why can't people just accept the fact that women choose not to enter the field?
RyanSepe
RyanSepe,
 User Rank: Ninja
5/24/2014 | 6:10:40 PM
Re: No problem
I have to agree with you on some level even if your portayal comes off blunt. 

There are gender gaps, yes but I believe they people are putting too much detrimental emphasis on them. I think this becomes an entirely different issue if people are deterred from even trying and if that is the case then I apologize. However, @anon's analogy is very appropriate. There may be a gender gap with IT, but there also is with teaching, construction, nursing. However, I would not categorize these things as a problem. 

Statistically it would seem that interests between the majority of males and females are different. This is no cause for alarm. I think we are wasting time and resources by trying to make everything 50/50 when there isn't a detriment to the current scenario. If the status quo remains with the gender gap, what takes a hit? Can I get an outer perspective as to the harm this causes? This may help my understanding of why this might cause issue with some.

A better avenue to place time and resources would be gender inequality as it relates to pay. That should be the same for who ever is in that role, male or female. If the person has the same amount of experience, same responsibilities, and all other ancillary factors are congruent then the person should be provided the same compensation as their counterpart.
Sara Peters
Sara Peters,
 User Rank: Author
5/27/2014 | 10:00:47 AM
Re: No problem
@RyanSepe  Well, I agree with you that aiming for a 50/50 split is pointless, but I don't think that's really what anybody's goal is. Certain fields attract more women, others attract more men, and there's nothing wrong with that. The trouble is when someone is attracted to a field that then rejects them.

What concerns me is that maybe the split would be 20:80, if half the women who left the field after a year decided to stay instead.
RyanSepe
RyanSepe,
 User Rank: Ninja
5/27/2014 | 12:51:45 PM
Re: No problem
@SaraPeters.

I very much agree with you Sara, as I said earlier no one should be detracted from a field they wish to pursue. 

What are somethings that could be done for women so that they stay in said career path?
Sadie!
Sadie!,
 User Rank: Apprentice
5/27/2014 | 12:47:41 PM
Re: No problem
When women don't enter IT (or other male dominated industries), they aren't always simply choosing to not enter the field. Many girls grow up showing interests in STEM fields, but are discouraged from pursuing those interests directly or indirectly. When I was in high school I was interested in computer science, but never joined the computer club because I was intimidated by the all boy group. (I did end up pursuing my interests in college.) On the other side of your argument are professions like elementary teaching and nursing. I bet there are boys who are interested in these professions, but are encouraged to pursue more typically male jobs. Why was it so hilarious in the movie 'Meet the Parents' that Greg is a nurse?

This is an old video, recently passed around on the internet via upworthy (I know, yuck), but still relevant:
https://www.youtube.com/watch?feature=player_embedded&v=035lOhkNbkM
Kerstyn Clover
Kerstyn Clover,
 User Rank: Moderator
5/28/2014 | 8:59:29 AM
Re: No problem
| When women don't enter IT (or other male dominated industries), they aren't always simply choosing to not enter the field.

 

Yes! This hits the nail on the head in my opinion. I've always based my judgment on the idea of women being interested (or not) in these fields on talking to young women, my experiences, and the environments. I feel like there are a lot of people who base their assessments of women's interests only on the idea of "if they were interested they'd work in it, if not they wouldn't, there are few women here and therefore few women are interested in the topic". I think that misses a lot of complex socioeconomic factors which can be hard to put a finger on.
SachinEE
SachinEE,
 User Rank: Apprentice
5/26/2014 | 12:44:42 PM
Re : Women In Security: We've Still Got A Long Way To Go, Baby
In order to be taken seriously by men a woman should show she has the guts to face up to challenges brought out in a work place. Sara when you asked for a promotion, you should have just come out and said you want a pay rise too. Why did he give you the promotion if he didn't think you are not qualified to get the promotion? It just needs guts.
Marilyn Cohodas
Marilyn Cohodas,
 User Rank: Strategist
5/27/2014 | 9:57:54 AM
Re: Re : Women In Security: We've Still Got A Long Way To Go, Baby
@SachinEE Knowing Sara, I'm sure she has the guts to ask for a raise. And as the daughter of an assertive working mother and the mother of an assertive (when she wants to be) daughter I totally agree that being proactive is an important strategy for women who want to achieve pay parity and recognization in security-- along with many other fields.

While I can't speak directly about women in security, after 30-plus years in the workforce, I've seen plenty of examples of "exclusionary macho culture and a lack of executive sponsorship" as mentioned in the article. We all have to play a role in elimiinating that bias.
Sara Peters
Sara Peters,
 User Rank: Author
5/27/2014 | 10:07:30 AM
Re: Re : Women In Security: We've Still Got A Long Way To Go, Baby
@SachinEE @Marilyn   Well it might be a problem with a lack of guts. But I can tell you that the time I asked for the promotion but not the raise was because I knew the better title would help me do a better job (because people were more likely to return my phone calls), but I also knew that the company was struggling a bit financially and I didn't want to a) hurt the company, or b) have them immediately reject my request for a promotion.

So, I guess it was partly a lack of confidence and partly a willingness to sacrifice a little something for the sake of the company. I think both of those things are rather common among women.

Regardless... I should have at least asked for the raise, even if I was willing to take the promotion without the money if they said they couldn't afford it. It's silly that I didn't do it.


 
Kerstyn Clover
Kerstyn Clover,
 User Rank: Moderator
5/28/2014 | 9:39:32 AM
Re: Re : Women In Security: We've Still Got A Long Way To Go, Baby
All this talk about guts and asking for things made me think of a spoken word piece I've seen by Lily Myers. Relevant portion: "I asked five questions in genetics class today and all of them started with the word 'sorry.'"

 

Sara, I think you brought up a lot of excellent points here and I appreciate that you backed them with some great references. I'll have to read through a couple I hadn't seen yet. Of course I also appreciate the shout-out; I think we've both honed in on the same issue. Now, if only we had all the answers and ability to fix it that would be peachy.
Sara Peters
Sara Peters,
 User Rank: Author
5/28/2014 | 2:47:27 PM
Re: Re : Women In Security: We've Still Got A Long Way To Go, Baby
@Kerstyn  Agreed! "if only we had all the answers and ability to fix it that would be peachy." I think really that the change is only going to happen if both men and women, boys and girls, help make it so. I just learned about a new non-profit aimed at getting more girls into STEM fields, but the group is for both girls AND BOYS. I think that's the right way to go. Instead of making boys feel excluded or girls feel separate, it's better to get them both working together so that they both feel that being different genders is no big deal.

I'll share more about them when I know more.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Everything You Need to Know About DNS Attacks
It's important to understand DNS, potential attacks against it, and the tools and techniques required to defend DNS infrastructure. This report answers all the questions you were afraid to ask. Domain Name Service (DNS) is a critical part of any organization's digital infrastructure, but it's also one of the least understood. DNS is designed to be invisible to business professionals, IT stakeholders, and many security professionals, but DNS's threat surface is large and widely targeted. Attackers are causing a great deal of damage with an array of attacks such as denial of service, DNS cache poisoning, DNS hijackin, DNS tunneling, and DNS dangling. They are using DNS infrastructure to take control of inbound and outbound communications and preventing users from accessing the applications they are looking for. To stop attacks on DNS, security teams need to shore up the organization's security hygiene around DNS infrastructure, implement controls such as DNSSEC, and monitor DNS traffic
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-33196
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences. Cross site scripting (XSS) can be triggered by review volumes. This issue has been fixed in version 4.4.7.
CVE-2023-33185
PUBLISHED: 2023-05-26
Django-SES is a drop-in mail backend for Django. The django_ses library implements a mail backend for Django using AWS Simple Email Service. The library exports the `SESEventWebhookView class` intended to receive signed requests from AWS to handle email bounces, subscriptions, etc. These requests ar...
CVE-2023-33187
PUBLISHED: 2023-05-26
Highlight is an open source, full-stack monitoring platform. Highlight may record passwords on customer deployments when a password html input is switched to `type="text"` via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates `ty...
CVE-2023-33194
PUBLISHED: 2023-05-26
Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was...
CVE-2023-2879
PUBLISHED: 2023-05-26
GDSDB infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file