Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
How Diversity Can Bridge The Talent Gap
Threaded  |  Newest First  |  Oldest First
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
8/23/2016 | 2:01:34 PM
Additional exacerbation
Also exacerbating this is what was allegedly found in that oft-cited internal HP study from some years ago: That men are generally/on average willing to apply for jobs if they meet only 60% of the stated "qualifications," whereas women are generally only willing to apply for jobs if they meet 100% of the stated "qualifications."

The real issue, IMHO, is that most girls are raised and treated a certain way that is very different from how most boys are raised and treated -- consequently limiting their own self-expectations.

There was some smarmy blog post/op-ed that went semi-viral a while back about raising your sons like daughters.  I think it should be the other way around: raise your daughters like sons.
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
8/23/2016 | 2:21:39 PM
Re: Additional exacerbation
Mindset is definitely an issue, and the panelists were very frank and insightful on that issue. I still love Angie Leifson's "just do it" mindset--wise words from a millennial who has already made quite an impression in the field. 
GonzSTL
50%
50%
GonzSTL,
User Rank: Ninja
8/24/2016 | 3:42:00 PM
Re: Additional exacerbation
This is where the most impact can be achieved. It is my personal goal to spread STEM awareness in young kids, especially girls. The stereotypical girl, raised and/or influenced by peers in directions diverted from STEM is something that must change. Additionally, boys tend to be more "aggressive" in pursuing results, so they take higher risks (re: 60% vs 100% qualified). This status serves to miss out of half the talent pool – women. It really is incumbent upon us, particularly in the male dominated technology sector, to address these issues and encourage/mentor women. That "just do it" mindset is critical.
MistyMorn
50%
50%
MistyMorn,
User Rank: Apprentice
8/28/2016 | 4:46:25 PM
Re: Additional exacerbation
While I agree that the "just do it" mindset is important, it can also be especially aggravating if you are in your forties and trying to change careers.  I graduated from college a few years ago and am having a difficult time trying to get my foot in the door for anything IT related.  My background is electronics and quality but my work history has very little I can relate to the IT field.  There is still this expection to have to work from the ground up.  Most companies want you start as tech support then grow from there.

My point is that IT has grown so much from just fixing computers and keeps evolving into a specialized knowledge tracks but companies do not adjust as quickly as the job market.  I grow increasingly disillusioned because I do not have thousands to spend on speciallized training and software in order to prove that I can work with it or even stay current with different releases.  Entry level should be an on the job training position but I still struggle with being underqualified due to my lack of enterprise IT experience.

 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 12:01:37 PM
Re: Additional exacerbation
"... Entry level should be an on the job training position but I still struggle with being underqualified due to my lack of enterprise IT experience. ..."

This is really a good point. IT is a fast pace sector, there is no day that you do not learn new things, it requires life-long learning strategy.

 
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
8/31/2016 | 12:07:17 PM
Re: Additional exacerbation
I hear ya, @MistyMorn. That first bar is the big issue in this industry. Have you thought of joining some local cybersecurity meetups? That is one way to meet, network, and get connected with local security events, hackathons, etc. 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 11:58:48 AM
Re: Additional exacerbation
"... It is my personal goal to spread STEM awareness in young kids, especially girls. ..."

This is great to hear. Thank you for doing it. I would assume female studens now realize that technology is not something they need to avoid but embrace, since everything and everting else involves it any more.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 11:55:41 AM
Re: Additional exacerbation
"... Mindset is definitely an issue, ..."

That makes sense. We just need to educate our female students and make them aware of IT a little bit better I guess.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 11:53:53 AM
Re: Additional exacerbation
"... That men are generally/on average willing to apply for jobs if they meet only 60% of the stated "qualifications," whereas women are generally only willing to apply for jobs if they meet 100% of the stated "qualifications." ..."

This may be one reason why we do not get many female applicants

 
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
8/31/2016 | 9:22:15 PM
Re: Additional exacerbation
@Dr.T: So what is your company like in that respect?  What is the process for drafting a job description and job requirements for postings?
InReality01
100%
0%
InReality01,
User Rank: Strategist
8/30/2016 | 9:57:01 AM
The phantom issue in security...
I have been in IT / IT Security / Forensics for over 20 years and there is certainly a lack of women in these fields but it isn't because of a purposeful intent to keep them out.......... the fact is, women don't go into technical fields at nearly the same rate as men do.

I have been on many interview panels and can count on one hand the amount of women that have applied for the jobs I was involved in hiring. 

I have seen plenty of minorities hired as well......... Asians and Indians are at the top of this list but still plenty of blacks as well.  In some areas there are way more minorities working in IT.  I'm guessing this isn't the "diversity" that some people are wanting and I'm not sure "some" people will ever be satisfied unti lthere is an exact same percentage of every possible type of person in the labor force....... which, of course, is absurd and will never happen.  Some jobs/careers are dominated by men, some by women, some by specific racial or ethnic groups, it's just a fact of life because everyone has different interests, talents, skills or raised in a specific environment whereby they are more prone to go into a specific line of work.  There is nothing wrong with any of this.

I have seen the most talented / skilled / experienced individual with the best communication skills get hired in almost every instance.  There are some exceptions when it comes to government hiring where I have seen bad candidates hired because of either unwritten quotas (diversity related) or because the individual hired was known or related to someone (or recommended by a politician).  Sure, this happens in private industry as well but not nearly to the extent as in government from what I have seen.

Typically the best qualified individual gets the job although there are exceptions as I pointed out.

The only way to get more minorities or women in these highly skilled IT / IR / Forensics positions is to have more highly qualified / skilled / talented minorities and women applying for the positions.

 

 

 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 12:04:43 PM
Re: The phantom issue in security...
"... women don't go into technical fields at nearly the same rate as men do. ..."

That is a good point, I was just mentioning this in my other post.  When we post a position, we normally do not get any female applicants.
InReality01
100%
0%
InReality01,
User Rank: Strategist
8/30/2016 | 10:00:35 AM
By the way...
There is nothing inheirently "good" about diversity in the workforce based on gender, race or ethnicity.

Diversity of thought that is expressed through a variety of skills, talents, visions and ideas are important.

 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 12:09:27 PM
Re: By the way...
"... There is nothing inheirently "good" about diversity in the workforce based on gender, race or ethnicity. ..."

I hear you, the way I look at it, having different genders will lead to different view points, when you leave women out in IT, you do not get their perspective with the remaining skills in your workforce.
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
8/31/2016 | 12:16:03 PM
Re: By the way...
I disagree, @InReality01. Diversity brings more perspective, insight, and a broader range of skills. When you have people of different backgrounds, socioeconomic roots, and life experiences, you have a more balanced and insightful organization. I agree that hires must be qualified--no one is saying otherwise--but sometimes there are skills that employers aren't considering that are extremely valuable. 

Here's a good example of how skills are more than STEM: a DoD official, Frank DiGiovanni, director of force training in DoD's Office of the Assistant Secretary of Defense for Readiness, has been researching what makes a great white-hat hacker. He has been interviewing folks at DEF CON the past two years.

From a recent Dark Reading article on his efforts:

The big takeaway from DiGiovanni's DEF CON research: STEM, aka science, technology, engineering, and mathematics, was not one of the top skills organizations look for in their cyber-Jedis. "Almost no one talked about technical capabilities or technical chops," he says. "That was the biggest revelation for me."

http://www.darkreading.com/threat-intelligence/dod-taps-def-con-hacker-traits-for-cybersecurity-training-program/d/d-id/1326763?

When you open up jobs to these broader skillsets, you're more likely to get a more diverse pool of applicants.

Of course, there's also the issue of educating and encouraging women and people of color that this industry is wide open and full of opportunity.

 
GonzSTL
50%
50%
GonzSTL,
User Rank: Ninja
8/31/2016 | 12:28:49 PM
Re: By the way...

Although I agree that STEM skills are just part of qualifiers, the notion that STEM is not one of the top skills should not be a universal principle. I can see how the DoD would feel that way, since that is a very large organization. Smaller outfits though do not have the luxury of hiring many people for their InfoSec (or just IT period) teams. These organizations are the ones who will look at IT skills first, and then soft skills, during their hiring process. This is why encouragement at a young age and mentoring really is critical in expanding the IT workforce to include women and minorities.

Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
8/31/2016 | 12:31:13 PM
Re: By the way...
To clarify, DiGiovanni's findings are for his training effort--to tap those inherent skillsets for trainees, who obviously get the hands-on hacking training via the DoD program.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 11:51:33 AM
Lack of diversity
 

Not only women but there is real diversity problem not only in security but across the IT. High well paying positions are held white male. A few high tack companies run by other races simply because they 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
8/31/2016 | 12:03:02 PM
Hiring more women
 

"... Hiring more women and minorities ..."

There is another issue here, when we post a IT position we do not get any female applicants, I am not sure if this is the same for all others but, the other end of this letting female students having interest in IT.

 


COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/25/2020
Malware Attacks Declined But Became More Evasive in Q2
Jai Vijayan, Contributing Writer,  9/24/2020
Safeguarding Schools Against RDP-Based Ransomware
James Lui, Ericom Group CTO, Americas,  9/28/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-24565
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25770
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25771
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25772
PUBLISHED: 2020-09-29
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the ...
CVE-2020-25773
PUBLISHED: 2020-09-29
A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. User interaction is required to exploit this vulnerability in that the target must import a corrupted configuration file.