Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Women In Security Speak Out On Why There Are Still So Few Of Them
Newest First  |  Oldest First  |  Threaded View
PrincessMariam
50%
50%
PrincessMariam,
User Rank: Apprentice
8/23/2016 | 11:56:49 AM
Re: Professional Stigmas
Thank you for pointing that out. There exist jobs that are male dominated and jobs that are female dominated. The problem is - nobody complains about the jobs that are female dominated. Why? That's not the agenda.


The previous article I saw on this site was an article about "diversity" - but in the pictures were 100% women?!?!? Cleary, diveristy has less to do with including everyone and more to do with eliminating men, and even caucasions in some cases.

When I was at university, the history department's hiring practives were being investigated since almost all of the professors were white males. In my department - engineering - all of the professors were Indian males. Guess what?? No investigation.

 

You tell me.

 

As a woman, I recognise that there are simply going to be professions that are mostly women, and others that are mostly men. That has been the case since the beginning of history. Oh yeah and about not getting resumes from women - notice how it wasn't even questioned? The one time I heard a male manager state that he wan't receiving resumes from women the immediate response was that he is clearly a liar and in reality didn't pay attenion to all the resumes he received from women.

Why the different responses to the manager based on their gender?

 

Again, you tell me.
rasoolirfan
50%
50%
rasoolirfan,
User Rank: Apprentice
5/14/2015 | 9:29:03 AM
diversity
its vital to empower women security professionals at all levels and orgarnizations should find ways to have the mix of gender at all roles

nicely articulated. kudos
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
5/12/2015 | 3:01:50 PM
Re: Women In Security Speak Out On Why There Are Still So Few Of Them
Totally agree, Kelly. Obviously STEM skills are important to security professionals who are entering the field, But I think a lot of women who can do the math & science would by equally attracted by some of the other disciplines that are critical to the profession. The industry -- and schools at all levels --  need to do a better job of explaining what the job is  all about. 
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
5/12/2015 | 8:59:28 AM
Re: Women In Security Speak Out On Why There Are Still So Few Of Them
The comment that I believe you are referencing wasn't about downgrading skills for infosec jobs--it was about embracing the wider array of skills needed for the field today, such as psychology, linguistics, a broader world view of the issues in the field. We're actually already seeing a lot of this in the industry. Here's the section I believe you're referring to: 

Matsuda says girls often don't see themselves fitting into the computer science and cyber security stereotypes, so the industry needs to do a better job selling the career options here. Plus security entails a variety of skillsets: "We have linguists, psychologists, and computer scientists," for example, she says. "That's a diversity of disciplines" and security benefits from different types of people from different backgrounds that provide a broader insight into the issues, she says.
RyanSepe
100%
0%
RyanSepe,
User Rank: Ninja
5/12/2015 | 8:52:20 AM
Professional Stigmas
I think the biggest hurdle for this is getting over the professional stigmas. The "that's a man's job" or "that's a woman's job"; those statements are still woven in the fabric of our minds to some extent and you can see it in the numbers. InfoSec is not the only career path that sees this.

You have the 10%F and 90%M denoted by this article.-2015

For Nursing you have 88%F and 12%M-Economic Modeling 2010 (Gap has probably decreased since then but not by much)

The overall point is your can do this for many career paths. Until those professional stigmas are eradicated it will be difficult, no matter how much data is divulged, for those metrics to change. This will take time. Constant reiteration is very helpful in this matter and will hopefully decrease the time gap.

 
AvaxaS781
50%
50%
AvaxaS781,
User Rank: Apprentice
5/12/2015 | 8:50:12 AM
Women In Security Speak Out On Why There Are Still So Few Of Them
I think forcing more women to be involved in InfoSec for the sake of more women is not a good idea. Good ideas can come from anyone and gender should never be a qualifier or disqualifier. One of the women quoted in this article stated we need to change what is needed for the job to less relevant skills to just get them in. I think this is a very bad idea and we need to focus on weeding out the ones in the industry whom do more harm than good. I think the best way to get more women involved in InfoSec is to start at the schools and colleges. Title 9 stated off being a good idea, but its implementation in recent years has done more harm than good. Right now women make up the majority of college students. With this pace, most jobs requiring a college degree will be filled by women simply because the pool of candidate will be mostly women. The oppressed have become the oppressors in US Universities. To make changes in a positive way, we need to show young girls in school more than just solving math problems, but how solving those problems helped create all the technological marvels we have today. Not just teach to a test or to regurgitate information. Kids today do not learn how to learn. I know that sounds odd, however kids today; including my own, do not understand how to figure things out on their own. They cannot function outside of what is told to them. This is sad and in my option, a huge reason why other countries are surpassing the US in education. Just my 2 cents as a Information Security Subject Matter Expert.
Kelly Jackson Higgins
100%
0%
Kelly Jackson Higgins,
User Rank: Strategist
5/11/2015 | 8:41:24 PM
Re: Father-Daughter Nerd/Geek Day
Love the Father-Daughter Geek Day mention! And your point about exposure and encouragement are key. I am constantly talking to my daughter and son's female friends about this industry. One of these days I'll get a recruit.
RetiredUser
50%
50%
RetiredUser,
User Rank: Ninja
5/11/2015 | 5:53:59 PM
Father-Daughter Nerd/Geek Day
As the father of two daughters I know the responsibility I have to make sure I don't look at them as "girls" in the stereotypical sense is an immense one.  My eldest is a true scientist and absorbed more knowledge about animals and nature before she was six than I had learned in forty years of life.  She created her own database on sea life somewhere between five and six years of age on an old laptop I gave her with gNewSense GNU/Linux, using LibreOffice Calc.  I encourage everything in her that longs for scientific engagement. 

My youngest is a brute and quite the hacker.  I suspect she'll be the one with eyes on the software industry as a career, and probably she will enjoy InfoSec since breaking into things is her passion, clearly, and she's not even two.   

I think a major part of this deficiency across the board in tech industries of women in various roles has as much to do with the parents as with the schools the kids go to, or the tech culture in general.  I had to discover the world of electronics and computing on my own with absolutely no encouragement on the home-front – exposure is also half the battle won.  For my daughters, I plan on making sure they get every opportunity, and hope that - as they learn - it isn't once pointed out to them that because they are female, some employers might not want to hire them, or that some schools might not think they will be interested in certain classes, or that some of their friends might look at them funny when they break out their sticker-covered laptops to write some code between classes instead of doing whatever it is girls who don't do that do... 

For me, I try to balance it all out, but every day should be Father-Daughter nerd/geek day, as far as I'm concerned, since the daughters need to hear from their Dads that "it's perfectly OK to want to crawl under a car with a set of tools, to build your own robot or Arduino cluster, and certainly OK to be interested in InfoSec and enjoy breaking into systems to make them better."


Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.