Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
How Diversity Can Bridge The Talent Gap
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
8/31/2016 | 9:22:15 PM
Re: Additional exacerbation
@Dr.T: So what is your company like in that respect?  What is the process for drafting a job description and job requirements for postings?
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
8/31/2016 | 12:31:13 PM
Re: By the way...
To clarify, DiGiovanni's findings are for his training effort--to tap those inherent skillsets for trainees, who obviously get the hands-on hacking training via the DoD program.
GonzSTL
50%
50%
GonzSTL,
User Rank: Ninja
8/31/2016 | 12:28:49 PM
Re: By the way...

Although I agree that STEM skills are just part of qualifiers, the notion that STEM is not one of the top skills should not be a universal principle. I can see how the DoD would feel that way, since that is a very large organization. Smaller outfits though do not have the luxury of hiring many people for their InfoSec (or just IT period) teams. These organizations are the ones who will look at IT skills first, and then soft skills, during their hiring process. This is why encouragement at a young age and mentoring really is critical in expanding the IT workforce to include women and minorities.

Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
8/31/2016 | 12:16:03 PM
Re: By the way...
I disagree, @InReality01. Diversity brings more perspective, insight, and a broader range of skills. When you have people of different backgrounds, socioeconomic roots, and life experiences, you have a more balanced and insightful organization. I agree that hires must be qualified--no one is saying otherwise--but sometimes there are skills that employers aren't considering that are extremely valuable. 

Here's a good example of how skills are more than STEM: a DoD official, Frank DiGiovanni, director of force training in DoD's Office of the Assistant Secretary of Defense for Readiness, has been researching what makes a great white-hat hacker. He has been interviewing folks at DEF CON the past two years.

From a recent Dark Reading article on his efforts:

The big takeaway from DiGiovanni's DEF CON research: STEM, aka science, technology, engineering, and mathematics, was not one of the top skills organizations look for in their cyber-Jedis. "Almost no one talked about technical capabilities or technical chops," he says. "That was the biggest revelation for me."

http://www.darkreading.com/threat-intelligence/dod-taps-def-con-hacker-traits-for-cybersecurity-training-program/d/d-id/1326763?

When you open up jobs to these broader skillsets, you're more likely to get a more diverse pool of applicants.

Of course, there's also the issue of educating and encouraging women and people of color that this industry is wide open and full of opportunity.

 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 12:09:27 PM
Re: By the way...
"... There is nothing inheirently "good" about diversity in the workforce based on gender, race or ethnicity. ..."

I hear you, the way I look at it, having different genders will lead to different view points, when you leave women out in IT, you do not get their perspective with the remaining skills in your workforce.
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
8/31/2016 | 12:07:17 PM
Re: Additional exacerbation
I hear ya, @MistyMorn. That first bar is the big issue in this industry. Have you thought of joining some local cybersecurity meetups? That is one way to meet, network, and get connected with local security events, hackathons, etc. 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 12:04:43 PM
Re: The phantom issue in security...
"... women don't go into technical fields at nearly the same rate as men do. ..."

That is a good point, I was just mentioning this in my other post.  When we post a position, we normally do not get any female applicants.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 12:03:02 PM
Hiring more women
 

"... Hiring more women and minorities ..."

There is another issue here, when we post a IT position we do not get any female applicants, I am not sure if this is the same for all others but, the other end of this letting female students having interest in IT.

 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 12:01:37 PM
Re: Additional exacerbation
"... Entry level should be an on the job training position but I still struggle with being underqualified due to my lack of enterprise IT experience. ..."

This is really a good point. IT is a fast pace sector, there is no day that you do not learn new things, it requires life-long learning strategy.

 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 11:58:48 AM
Re: Additional exacerbation
"... It is my personal goal to spread STEM awareness in young kids, especially girls. ..."

This is great to hear. Thank you for doing it. I would assume female studens now realize that technology is not something they need to avoid but embrace, since everything and everting else involves it any more.
Page 1 / 2   >   >>


COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/30/2020
6 Ways Passwords Fail Basic Security Tests
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/28/2020
'Act of War' Clause Could Nix Cyber Insurance Payouts
Robert Lemos, Contributing Writer,  10/29/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How to Measure and Reduce Cybersecurity Risk in Your Organization
In this Tech Digest, we examine the difficult practice of measuring cyber-risk that has long been an elusive target for enterprises. Download it today!
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27652
PUBLISHED: 2020-10-29
Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.
CVE-2020-27653
PUBLISHED: 2020-10-29
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.
CVE-2020-27654
PUBLISHED: 2020-10-29
Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp.
CVE-2020-27655
PUBLISHED: 2020-10-29
Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic.
CVE-2020-27656
PUBLISHED: 2020-10-29
Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors.