Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Diversity: It's About Inclusion
Newest First  |  Oldest First  |  Threaded View
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
4/26/2018 | 1:13:51 PM
Re: Best job candidate description EVER
Quite correct --- I am all for gender diversity and in many areas women are far better analysts than men will ever be (have us beat on a whole bunch of fronts).  BUT what we really have is an INTELLIGENCE DIVERSITY issue which is entirely different.  (I say nothing about Bangalore - enough said there).   That is different from KNOWLEDGE DIVERSITY which is a very good thing.  INTELLIGENCE div goes up through the ranks to so that, as at IBM, you have management strata lines of people who know nothing but got there because they knew something earlier in their life and lower down on management ladder.  Remember FUMU?   
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
4/26/2018 | 5:22:58 AM
Re: Best job candidate description EVER
@REISEN: I remember seeing Andy Ellis, CSO of Akamai, speak once on the subject of how these types of purple-squirrel hiring tactics actually diminish gender diversity in the workplace.

Ellis: "If you have a [gender] diversity problem, this is why... [Men] are totally willing to lie and say, 'Yeah, I've got 12 years' experience in Windows 8.'"

Incidentally, here's my writeup for one of Dark Reading's sister sites on this subject, in which Ellis is quoted: networkcomputing.com/careers/tech-talent-shortage-myth/1360165050
notthereatall
50%
50%
notthereatall,
User Rank: Apprentice
4/25/2018 | 12:31:11 PM
A parallel discussion: "inclusion" is an empty buzzword - from a side event
During RSA conference Peerlyst held a side event. The outcome of one of the sessions was a vivid discussion:  ""inclusion" is an empty buzzword".

Here are some interesting and relevant quotes:

By Kim Krawley:

"Employers need to stop having rigid hiring criteria. All of that "culture fit" stuff also excludes people who are demographically different from the people who already work at the company. I work for several different cybersecurity vendors. You know what they looked at? The blog content I've written for other companies and my Twitter following. That's it.

By Andrew Commons:

"We are all different, very different. We have developed a culture that highlights differences and provides the technology for the collective persecution of those considered different. It has become a sport, 'shaming' is the new black.

We have legislation that requires "affirmative action". In some jurisdictions it's been around for 60 years. In large corporations we see (very) senior positions being created specifically to address 'Diversity'. As we see in the case of James Damore (and let's ignore his views for now) and Google, such environments actually do not tolerate diversity they are intent in promoting uniformity and will highlight and shame those who dare differ.

It's this bigger global cultural issue that needs to be addressed before any change can be expected in corporate culture."

By Molly Payne:

"Companies hopefully are seeing that diversity drives creative thought and problem solving. As a community in a company we can create social enclaves for ourselves as a place to recharge and brainstorm solutions for problems we observe. In hiring opportunities reaching back can be a method for those of us outside the majority to change the stats; if you have a say in hiring reach out to those people in your community who you know are qualified and get their resume seen. Volunteer and share your skills. I feel a lot of analyst work and security work can be taught much like a trade you just have to have the passion. I've often thought of organizing a club at a local high school or middle school to build excitement about this field. I think about this quite a lot, and love these discussions thanks for bringing it up!"

 
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
4/25/2018 | 9:46:06 AM
Re: Best job candidate description EVER
=) 
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
4/25/2018 | 9:25:29 AM
Best job candidate description EVER
Needed - YOUNG enthusiastic Millenial (age 22) with 32 years of experience. 


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3830
PUBLISHED: 2021-09-26
btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-21742
PUBLISHED: 2021-09-25
There is an information leak vulnerability in the message service app of a ZTE mobile phone. Due to improper parameter settings, attackers could use this vulnerability to obtain some sensitive information of users by accessing specific pages.
CVE-2020-20508
PUBLISHED: 2021-09-24
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail text field.
CVE-2020-20514
PUBLISHED: 2021-09-24
A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/<id>.html allows authenticated attackers to delete all users.
CVE-2016-6555
PUBLISHED: 2021-09-24
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. By creating a malicious SNMP trap, an attacker can store an XSS payload which will trigger when a user of the web UI views the events list page. This issue was fixed in ver...