Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
To Improve Workforce Diversity, Widen The Search, Feed Infosec Talent Pipeline
Newest First  |  Oldest First  |  Threaded View
DorisG987
50%
50%
DorisG987,
User Rank: Strategist
3/12/2016 | 5:54:10 AM
To improve diversity, train the top
Edgar Perez teaches a 3 Day Masterclass in Cybersecurity designed for C-level executives and senior managers. Furthermore, he is offering cyber security workshops for boards of directors and CEOs worldwide. He is the author of The Speed Traders and Knightmare on Wall Street, and his comprehensive training programs have been widely recognized by the media for his independent and non-biased approach.
syntax_attack
100%
0%
syntax_attack,
User Rank: Strategist
3/11/2016 | 1:03:05 PM
Re: "Sweetie, those toys are meant for boys!"
Thank you for providing more information.  I certainly cannot speak to the cultural atmosphere regarding women and STEM careers in Columbia.  I do hope things continue to improve for women down there.
CamiloD
50%
50%
CamiloD,
User Rank: Apprentice
3/10/2016 | 10:44:51 PM
Re: "Sweetie, those toys are meant for boys!"
Thanks for your comments, and it's great to hear about those activities taking place near you.

I apologize for not giving first a bit of context - My country (Colombia) is a developing nation with a kinda-sexist society. Sure, lots of improvements have been made in the last few years, but even today you can hear and "feel" certain sexist conducts against women. A small example - Girls who decide not to have kids are usually met with heavy social backslash. Their families and friends constantly nag them for "not contributing to society", "being selfish", "aiming to become a lonely person", and other ridiculous statements. But back to our topic: As I mentioned, women in my country are sometimes met with social backslash for showing interest in science & IT subjects and careers.

I absolutely agree with you - It's not like "girls can't be scientists or IT professionals" around here in Colombia. If a girl wants to do so, she'll make it like any other person. What I meant was that those girls will sometimes be seen as "awkward", "weird", "not very feminine", and (again) other ridiculous statements.
syntax_attack
100%
0%
syntax_attack,
User Rank: Strategist
3/10/2016 | 3:45:16 PM
Re: "Sweetie, those toys are meant for boys!"
What are you talking about?  My children's school has engineering and STEM fairs held only for girls.  Our local community college holds STEM days for the females in the local high schools.  I have seen numerous commercials for women in stem fields as well.  Girls are being shoved towards these fields and they simply don't want to enter them.  In fact, the more egalitarian a society the less likely women are to enter STEM fields, it is only when STEM jobs are the only option for a decent salary (like in many developing nations) that women flock to them.  The more choices a woman has the less likely she is to choose STEM.  Please tell me the last time you heard a girl told that she couldn't be a scientist or an IT professional.  I haven't heard that in at least 25 years.  
CamiloD
50%
50%
CamiloD,
User Rank: Apprentice
3/9/2016 | 3:46:14 PM
"Sweetie, those toys are meant for boys!"
Although it's true companies have to "broaden the pool", I believe another important factor is how science and IT topics are shown to kids. Specifically, girls in some cultures are discouraged of getting in touch with tech & science subjects, hobbies, and toys because "those things are meant for men" and "they aren't feminine". Even worse, that social scolding is done by both men and women.

Of course it's not the sole reason of the whole "diversity gap". But societies need to further evolve and to put past them all those sexist and racist ideas. I can only hope I live long enough to see it with my own eyes =)
syntax_attack
100%
0%
syntax_attack,
User Rank: Strategist
3/3/2016 | 11:00:17 AM
Broaden the pool
"Yes, we all want the best candidates," says Joseph, "but broaden the pool." She suggests actively recruiting women and people of color, by going to them instead of waiting for them to find you through the same old channels.

 

If you want to "broaden the pool" then you should be trying to get as many poeple as possible to apply, not just as many "people of color" or "women" as possible.  The fact of the matter is the pool already consists of the majority of people, almost anybody who wants to become an IT security professional can self educate (serveral ivy league colleges have their class materials online for free).  If someone is too poor to even have a computer at home they can use the public library.  In fact the largest demographic that is probably truely cut off from the profession would be those who live in poor rural areas (often there is no public transportation to take them to a public library that could be 50 miles away.  If you truely want to broaden the pool then the best way to do it is to help that demographic regardless of the racial or gender makeup of the population that needs access to these programs.  

 

I really tire of the "we must have diversity" crowd.  This is the same group of people who will tell you that race or gender don't matter and then turn around and demand racial or gender quotas.  How about we hire based upon merit and recruit those that have a desire to learn and leave it at that!
DarwinC123
100%
0%
DarwinC123,
User Rank: Strategist
3/2/2016 | 10:43:36 AM
can lead a horse to water
While I was able to brainwash my daughters to love Dr Who, computer gaming and the science genre, they were still more captivated by human drama in customer support and education fields.   They are smart and 'workaholic' (lol), but, they have told me that due to their gender and race, they have been able to go whereever they wanted in IT. They are were they want to be and only limit themselves. So, when, I see my employer advertise only in minority associations and such schemes to increase diversity, I wonder if we are looking for the best candidates or wanting to checkbox a statistic.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Data Breaches Affect the Enterprise
Data breaches continue to cause negative outcomes for companies worldwide. However, many organizations report that major impacts have declined significantly compared with a year ago, suggesting that many have gotten better at containing breach fallout. Download Dark Reading's Report "How Data Breaches Affect the Enterprise" to delve more into this timely topic.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-4020
PUBLISHED: 2021-11-27
janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-23654
PUBLISHED: 2021-11-26
This affects all versions of package html-to-csv. When there is a formula embedded in a HTML page, it gets accepted without any validation and the same would be pushed while converting it into a CSV file. Through this a malicious actor can embed or generate a malicious link or execute commands via C...
CVE-2021-43785
PUBLISHED: 2021-11-26
@joeattardi/emoji-button is a Vanilla JavaScript emoji picker component. In affected versions there are two vectors for XSS attacks: a URL for a custom emoji, and an i18n string. In both of these cases, a value can be crafted such that it can insert a `script` tag into the page and execute malicious...
CVE-2021-43776
PUBLISHED: 2021-11-26
Backstage is an open platform for building developer portals. In affected versions the auth-backend plugin allows a malicious actor to trick another user into visiting a vulnerable URL that executes an XSS attack. This attack can potentially allow the attacker to exfiltrate access tokens or other se...
CVE-2021-41243
PUBLISHED: 2021-11-26
There is a Potential Zip Slip Vulnerability and OS Command Injection Vulnerability on the management system of baserCMS. Users with permissions to upload files may upload crafted zip files which may execute arbitrary commands on the host operating system. This is a vulnerability that needs to be add...