Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
How Diversity Can Bridge The Talent Gap
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
8/31/2016 | 9:22:15 PM
Re: Additional exacerbation
@Dr.T: So what is your company like in that respect?  What is the process for drafting a job description and job requirements for postings?
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
8/31/2016 | 12:31:13 PM
Re: By the way...
To clarify, DiGiovanni's findings are for his training effort--to tap those inherent skillsets for trainees, who obviously get the hands-on hacking training via the DoD program.
GonzSTL
50%
50%
GonzSTL,
User Rank: Ninja
8/31/2016 | 12:28:49 PM
Re: By the way...

Although I agree that STEM skills are just part of qualifiers, the notion that STEM is not one of the top skills should not be a universal principle. I can see how the DoD would feel that way, since that is a very large organization. Smaller outfits though do not have the luxury of hiring many people for their InfoSec (or just IT period) teams. These organizations are the ones who will look at IT skills first, and then soft skills, during their hiring process. This is why encouragement at a young age and mentoring really is critical in expanding the IT workforce to include women and minorities.

Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
8/31/2016 | 12:16:03 PM
Re: By the way...
I disagree, @InReality01. Diversity brings more perspective, insight, and a broader range of skills. When you have people of different backgrounds, socioeconomic roots, and life experiences, you have a more balanced and insightful organization. I agree that hires must be qualified--no one is saying otherwise--but sometimes there are skills that employers aren't considering that are extremely valuable. 

Here's a good example of how skills are more than STEM: a DoD official, Frank DiGiovanni, director of force training in DoD's Office of the Assistant Secretary of Defense for Readiness, has been researching what makes a great white-hat hacker. He has been interviewing folks at DEF CON the past two years.

From a recent Dark Reading article on his efforts:

The big takeaway from DiGiovanni's DEF CON research: STEM, aka science, technology, engineering, and mathematics, was not one of the top skills organizations look for in their cyber-Jedis. "Almost no one talked about technical capabilities or technical chops," he says. "That was the biggest revelation for me."

http://www.darkreading.com/threat-intelligence/dod-taps-def-con-hacker-traits-for-cybersecurity-training-program/d/d-id/1326763?

When you open up jobs to these broader skillsets, you're more likely to get a more diverse pool of applicants.

Of course, there's also the issue of educating and encouraging women and people of color that this industry is wide open and full of opportunity.

 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 12:09:27 PM
Re: By the way...
"... There is nothing inheirently "good" about diversity in the workforce based on gender, race or ethnicity. ..."

I hear you, the way I look at it, having different genders will lead to different view points, when you leave women out in IT, you do not get their perspective with the remaining skills in your workforce.
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
8/31/2016 | 12:07:17 PM
Re: Additional exacerbation
I hear ya, @MistyMorn. That first bar is the big issue in this industry. Have you thought of joining some local cybersecurity meetups? That is one way to meet, network, and get connected with local security events, hackathons, etc. 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 12:04:43 PM
Re: The phantom issue in security...
"... women don't go into technical fields at nearly the same rate as men do. ..."

That is a good point, I was just mentioning this in my other post.  When we post a position, we normally do not get any female applicants.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 12:03:02 PM
Hiring more women
 

"... Hiring more women and minorities ..."

There is another issue here, when we post a IT position we do not get any female applicants, I am not sure if this is the same for all others but, the other end of this letting female students having interest in IT.

 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 12:01:37 PM
Re: Additional exacerbation
"... Entry level should be an on the job training position but I still struggle with being underqualified due to my lack of enterprise IT experience. ..."

This is really a good point. IT is a fast pace sector, there is no day that you do not learn new things, it requires life-long learning strategy.

 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 11:58:48 AM
Re: Additional exacerbation
"... It is my personal goal to spread STEM awareness in young kids, especially girls. ..."

This is great to hear. Thank you for doing it. I would assume female studens now realize that technology is not something they need to avoid but embrace, since everything and everting else involves it any more.
Page 1 / 2   >   >>


7 Tips for Choosing Security Metrics That Matter
Ericka Chickowski, Contributing Writer,  10/19/2020
IoT Vulnerability Disclosure Platform Launched
Dark Reading Staff 10/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15270
PUBLISHED: 2020-10-22
Parse Server (npm package parse-server) broadcasts events to all clients without checking if the session token is valid. This allows clients with expired sessions to still receive subscription objects. It is not possible to create subscription objects with invalid session tokens. The issue is not pa...
CVE-2018-21266
PUBLISHED: 2020-10-22
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2018-21267
PUBLISHED: 2020-10-22
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2020-27673
PUBLISHED: 2020-10-22
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.
CVE-2020-27674
PUBLISHED: 2020-10-22
An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.