Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Women In Security: We've Still Got A Long Way To Go, Baby
Threaded  |  Newest First  |  Oldest First
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
5/23/2014 | 11:01:13 AM
Great column and thanks for sharing
What struck me in your blog was the reference from The Atlantic cover story "The Confidence Gap." You wrote that there is evidence that "success, it turns out, correlates just as closely with confidence as it does with competence,"

It took me more than 50 years on this earth to realize that I was just as competent as many of my male peers in journalism. But the guys were always more confident about taking risks -- even for jobs they were barely competent in. It's something we gals need to keep in mind when considering opportunities that will make us stretch.

 

 
Sara Peters
50%
50%
Sara Peters,
User Rank: Author
5/23/2014 | 11:22:34 AM
Re: Great column and thanks for sharing
@Marilyn  It's so true! Another thing in The Atlantic story was that women only asked for promotions when they were sure that they fulfilled 100% of the job requirements. Men asked when they fulfilled only 50%.
RetiredUser
50%
50%
RetiredUser,
User Rank: Ninja
5/23/2014 | 4:45:32 PM
FOSS and Women
As the father of two daughters, I take a real close look at the communities I'm a part of.  I'm thankful to be part of the Free and Open Source (FOSS) communities because I am always running into smart female hackers who work in the industry.  I don't claim that everything is perfect, but when I'm at the Southern California Linux Expo (SCALE) I'm constantly impressed by how many more professional women there are every year; and I'm not just talking about LinuxChix Los Angeles (who I love to death) but every other booth I stop at reflects a new dynamic from the stuffy male-driven conferences of the past. 

Now, I'm not saying that corporate IT environments and underground cyber communities are worse than FOSS when it comes to female equality (I can name many women in both thos environments that probably have set the tone for future increased female participation), but I have found that FOSS communities shine with smart and respected female hackers. 

As has always been the hacker tradition, I say "show me the code" should be the measuring stick in IT and whatever the gender, religion, sexual identity of the hacker in question, the code rules.  Maybe if we can follow that rule of thumb we can put bias of all types in IT behind us and start having more fun!

I hope we get there soon, too - my daughter turns seven soon and she's already got all the signs of being a great FOSS hacker.  She is currently editing her LibreOffice "Nature Explorer" database on her gNewSense-driven laptop with dreams and potential I never had at that age. 

Happy gender-neutral hacking!

 
Sara Peters
50%
50%
Sara Peters,
User Rank: Author
5/27/2014 | 10:23:55 AM
Re: FOSS and Women
@christianabryant  Thank you for the info and for being such a responsible dad to daughters! Hopefully they'll find the same supportive environment in the IT world as they get older.
anon9675841497
50%
50%
anon9675841497,
User Rank: Apprentice
5/24/2014 | 1:47:26 PM
No problem
"there is a gender problem in IT"

 

No, there isn't. Why is it no one is writing stories about the "gender problem" with kindergarten teachers? Why can't people just accept the fact that women choose not to enter the field?
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
5/24/2014 | 6:10:40 PM
Re: No problem
I have to agree with you on some level even if your portayal comes off blunt. 

There are gender gaps, yes but I believe they people are putting too much detrimental emphasis on them. I think this becomes an entirely different issue if people are deterred from even trying and if that is the case then I apologize. However, @anon's analogy is very appropriate. There may be a gender gap with IT, but there also is with teaching, construction, nursing. However, I would not categorize these things as a problem. 

Statistically it would seem that interests between the majority of males and females are different. This is no cause for alarm. I think we are wasting time and resources by trying to make everything 50/50 when there isn't a detriment to the current scenario. If the status quo remains with the gender gap, what takes a hit? Can I get an outer perspective as to the harm this causes? This may help my understanding of why this might cause issue with some.

A better avenue to place time and resources would be gender inequality as it relates to pay. That should be the same for who ever is in that role, male or female. If the person has the same amount of experience, same responsibilities, and all other ancillary factors are congruent then the person should be provided the same compensation as their counterpart.
Sara Peters
50%
50%
Sara Peters,
User Rank: Author
5/27/2014 | 10:00:47 AM
Re: No problem
@RyanSepe  Well, I agree with you that aiming for a 50/50 split is pointless, but I don't think that's really what anybody's goal is. Certain fields attract more women, others attract more men, and there's nothing wrong with that. The trouble is when someone is attracted to a field that then rejects them.

What concerns me is that maybe the split would be 20:80, if half the women who left the field after a year decided to stay instead.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
5/27/2014 | 12:51:45 PM
Re: No problem
@SaraPeters.

I very much agree with you Sara, as I said earlier no one should be detracted from a field they wish to pursue. 

What are somethings that could be done for women so that they stay in said career path?
Sadie!
50%
50%
Sadie!,
User Rank: Apprentice
5/27/2014 | 12:47:41 PM
Re: No problem
When women don't enter IT (or other male dominated industries), they aren't always simply choosing to not enter the field. Many girls grow up showing interests in STEM fields, but are discouraged from pursuing those interests directly or indirectly. When I was in high school I was interested in computer science, but never joined the computer club because I was intimidated by the all boy group. (I did end up pursuing my interests in college.) On the other side of your argument are professions like elementary teaching and nursing. I bet there are boys who are interested in these professions, but are encouraged to pursue more typically male jobs. Why was it so hilarious in the movie 'Meet the Parents' that Greg is a nurse?

This is an old video, recently passed around on the internet via upworthy (I know, yuck), but still relevant:
https://www.youtube.com/watch?feature=player_embedded&v=035lOhkNbkM
Kerstyn Clover
50%
50%
Kerstyn Clover,
User Rank: Moderator
5/28/2014 | 8:59:29 AM
Re: No problem
| When women don't enter IT (or other male dominated industries), they aren't always simply choosing to not enter the field.

 

Yes! This hits the nail on the head in my opinion. I've always based my judgment on the idea of women being interested (or not) in these fields on talking to young women, my experiences, and the environments. I feel like there are a lot of people who base their assessments of women's interests only on the idea of "if they were interested they'd work in it, if not they wouldn't, there are few women here and therefore few women are interested in the topic". I think that misses a lot of complex socioeconomic factors which can be hard to put a finger on.
SachinEE
50%
50%
SachinEE,
User Rank: Apprentice
5/26/2014 | 12:44:42 PM
Re : Women In Security: We've Still Got A Long Way To Go, Baby
In order to be taken seriously by men a woman should show she has the guts to face up to challenges brought out in a work place. Sara when you asked for a promotion, you should have just come out and said you want a pay rise too. Why did he give you the promotion if he didn't think you are not qualified to get the promotion? It just needs guts.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
5/27/2014 | 9:57:54 AM
Re: Re : Women In Security: We've Still Got A Long Way To Go, Baby
@SachinEE Knowing Sara, I'm sure she has the guts to ask for a raise. And as the daughter of an assertive working mother and the mother of an assertive (when she wants to be) daughter I totally agree that being proactive is an important strategy for women who want to achieve pay parity and recognization in security-- along with many other fields.

While I can't speak directly about women in security, after 30-plus years in the workforce, I've seen plenty of examples of "exclusionary macho culture and a lack of executive sponsorship" as mentioned in the article. We all have to play a role in elimiinating that bias.
Sara Peters
50%
50%
Sara Peters,
User Rank: Author
5/27/2014 | 10:07:30 AM
Re: Re : Women In Security: We've Still Got A Long Way To Go, Baby
@SachinEE @Marilyn   Well it might be a problem with a lack of guts. But I can tell you that the time I asked for the promotion but not the raise was because I knew the better title would help me do a better job (because people were more likely to return my phone calls), but I also knew that the company was struggling a bit financially and I didn't want to a) hurt the company, or b) have them immediately reject my request for a promotion.

So, I guess it was partly a lack of confidence and partly a willingness to sacrifice a little something for the sake of the company. I think both of those things are rather common among women.

Regardless... I should have at least asked for the raise, even if I was willing to take the promotion without the money if they said they couldn't afford it. It's silly that I didn't do it.


 
Kerstyn Clover
100%
0%
Kerstyn Clover,
User Rank: Moderator
5/28/2014 | 9:39:32 AM
Re: Re : Women In Security: We've Still Got A Long Way To Go, Baby
All this talk about guts and asking for things made me think of a spoken word piece I've seen by Lily Myers. Relevant portion: "I asked five questions in genetics class today and all of them started with the word 'sorry.'"

 

Sara, I think you brought up a lot of excellent points here and I appreciate that you backed them with some great references. I'll have to read through a couple I hadn't seen yet. Of course I also appreciate the shout-out; I think we've both honed in on the same issue. Now, if only we had all the answers and ability to fix it that would be peachy.
Sara Peters
100%
0%
Sara Peters,
User Rank: Author
5/28/2014 | 2:47:27 PM
Re: Re : Women In Security: We've Still Got A Long Way To Go, Baby
@Kerstyn  Agreed! "if only we had all the answers and ability to fix it that would be peachy." I think really that the change is only going to happen if both men and women, boys and girls, help make it so. I just learned about a new non-profit aimed at getting more girls into STEM fields, but the group is for both girls AND BOYS. I think that's the right way to go. Instead of making boys feel excluded or girls feel separate, it's better to get them both working together so that they both feel that being different genders is no big deal.

I'll share more about them when I know more.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/2/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9498
PUBLISHED: 2020-07-02
Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be executed...
CVE-2020-3282
PUBLISHED: 2020-07-02
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attack...
CVE-2020-5909
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified.
CVE-2020-5910
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
CVE-2020-5911
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.