Comments
Newest First | Oldest First | Threaded View
Re: A problem where there isn't one
"If more men/women applied for these jobs then there wouldn't be a problem" is a very tired argument that has been used to justify racial, gender, foreign origin and religious imbalances for years. I believe we instinctively tend to follow our embedded tribal/family traditions and learnings to follow careers and callings that feel comfortable to us and to go to places where we feel we belong. Maybe it's a survival thing. When one of my children went to college, one of the most interesting bits of advice he got for picking a major was this: look left, look right, are these the people you want to spend the rest of your life working with? In other words, do you feel you belong in this field? The point of the writing was to make more talented women feel that they could belong - and even thrive - if they were moved and/or attracted to the space, and that there were role models, mentors and sponsors that would help them find a path there. In spite of any tribal, family upbringing bias', or education choices made in the past, they could take a leap and belong to this new and exciting field full of opportunity and exciting prospects.
Re: A problem where there isn't one
I agree 100% that if a man or woman does not have the minimum technical skills to perform an IT security job AND they are not trainable under your coaching/teaching/mentoring, then you are setting him/her up for ultimate failure in the position.
That being said, good security talent is challenging to find. It is incumbent upon good leaders and good companies to seek out a broad, diverse & highly qualified pool of applicants. Most innovative security companies I know are reaching early into academia to seek out the best & brightest, they look to social media to find who is an expert in the area they're pursuing. With this, you get a diversity of opinion on how to address problems and find solutions to propel your organization forward. Without it, you will be stuck in group think and continue to plow down the same rut in your journey.
BTW, RAID is high-reliability storage that divides and replicates data amongst drives in a group. For brevity, RAID1 is primarily used for heavy processing requirements while RAID5 is more used for transactional applications. RAID was introduced in the 1980's when I was in elementary school. Personally, I am more a supporter of the emerging technology like FEC which does away with the arcane issues with RAID storage. Now that's a useful debate.
That being said, good security talent is challenging to find. It is incumbent upon good leaders and good companies to seek out a broad, diverse & highly qualified pool of applicants. Most innovative security companies I know are reaching early into academia to seek out the best & brightest, they look to social media to find who is an expert in the area they're pursuing. With this, you get a diversity of opinion on how to address problems and find solutions to propel your organization forward. Without it, you will be stuck in group think and continue to plow down the same rut in your journey.
BTW, RAID is high-reliability storage that divides and replicates data amongst drives in a group. For brevity, RAID1 is primarily used for heavy processing requirements while RAID5 is more used for transactional applications. RAID was introduced in the 1980's when I was in elementary school. Personally, I am more a supporter of the emerging technology like FEC which does away with the arcane issues with RAID storage. Now that's a useful debate.
Re: A problem where there isn't one
So, all men and women like the exact same things? When I hear someone say men and women like different things, it isn't an all or nothing issue. It's an "in general" type of situation. You could say more women prefer to go into the social work field because that field tends to be dominated by women. Same thing with nursing or teaching to some extent.
Most people can look at these surveys and agree that the ratio of men to women in the tech field is nowhere near even. I don't think we will EVER achieve that. I'm all about merit. I don't really care who you are, if you're good at what you do, that's all that matters to me.
The gender pay gap is an interesting issue. When we look at these studies, it takes everyone and then averages it out. It also looks at maternity leave, taking more part time jobs, etc, to raise a family. It's being blatantly disingenuous to not mention that when it comes to the pay gap. All these surveys take that into account as to why many women are paid less than men in the same career field. Now, I'm not saying there could be cases where women are just paid less, but the majority of these surveys look at everything with regards to pay, including time you take off. Most men do not take any kind of maternity leave. You also have many women not taking more stressful or demanding jobs because of family related things. This obviously doesn't apply to all but whenever you read an article about the pay gap, they NEVER include how they came to those conclusions and what variables are included. You have to look at the methodology to figure out how they came to those conclusions. Just looking at a graph that says women are paid less is fooling yourself if all these companies are illegally paying people less because of their gender. Remember, there are federal and state laws against that kind of behavior.
At the end of the day, more men than women enroll in tech oriented programs. More men than women are looking for tech related jobs. More men than women are wanting to get into the tech field. Security included. That probably won't change anytime soon. What needs to change is starting at the family/education level and removing all stigmas around women in tech or "encouraging" someone to not get into that field due to their gender. They need to realize it doesn't matter, just be good at what you do and you will succeed.
Most people can look at these surveys and agree that the ratio of men to women in the tech field is nowhere near even. I don't think we will EVER achieve that. I'm all about merit. I don't really care who you are, if you're good at what you do, that's all that matters to me.
The gender pay gap is an interesting issue. When we look at these studies, it takes everyone and then averages it out. It also looks at maternity leave, taking more part time jobs, etc, to raise a family. It's being blatantly disingenuous to not mention that when it comes to the pay gap. All these surveys take that into account as to why many women are paid less than men in the same career field. Now, I'm not saying there could be cases where women are just paid less, but the majority of these surveys look at everything with regards to pay, including time you take off. Most men do not take any kind of maternity leave. You also have many women not taking more stressful or demanding jobs because of family related things. This obviously doesn't apply to all but whenever you read an article about the pay gap, they NEVER include how they came to those conclusions and what variables are included. You have to look at the methodology to figure out how they came to those conclusions. Just looking at a graph that says women are paid less is fooling yourself if all these companies are illegally paying people less because of their gender. Remember, there are federal and state laws against that kind of behavior.
At the end of the day, more men than women enroll in tech oriented programs. More men than women are looking for tech related jobs. More men than women are wanting to get into the tech field. Security included. That probably won't change anytime soon. What needs to change is starting at the family/education level and removing all stigmas around women in tech or "encouraging" someone to not get into that field due to their gender. They need to realize it doesn't matter, just be good at what you do and you will succeed.
Re: A problem where there isn't one
Same experience from my perspective with nearly 30 years in IT. It's been a few years since the last time I hired a direct report, however, when I did only about 10 percent of the resumes I got for the position were female. We did a basic skills competency test for all applicants that looked reasonably qualified and of the few women who came in to do the test, not one scored a passing grade. The male applicants didn't do all that stellar either, but at least a few passed.
The test was pretty basic, there was nothing "gender biased" about it.... either an applicant knows what the difference between RAID1 and RAID5 is or they don't.
The simple solution, if you want more females working in IT, have more qualified females apply for jobs in IT.
The test was pretty basic, there was nothing "gender biased" about it.... either an applicant knows what the difference between RAID1 and RAID5 is or they don't.
The simple solution, if you want more females working in IT, have more qualified females apply for jobs in IT.
Re: A problem where there isn't one
I have to strongly and respectfully disagree with you, @gmax28. First off, your presumption that men and women "like different things" literally echoes the underlying societal problem here. That's a fallacy that has been propagated by generations of outdated mindsets about women's "roles" in the workforce. You probably haven't seen a woman "restricted, disregarded or prevented" in or from an IT or infosec job because you are a man who hasn't experienced the same hurdles and pay gap issues. Dismissing the gender and diversity issue as a nonissue is a systemic problem and is one of the reasons why we are still grappling with a gender and diversity gap in security. The goal is to give everyone a fair shake to contribute to this massive and critical industry that can't keep up with the demand for people to fill its jobs.
A problem where there isn't one
I've been in IT for over 20 years now. Not once have I seen a time where a woman was restricted, disregarded, or prevented in any way from an IT job, much less Infosec. The FACT is that men and women LIKE DIFFERENT THINGS. Where is the concern that 80% of teachers are women? I don't see articles on 'How Do We Get More Men into Education." This is just another liberal cause and this guy is falling right in line with it. The reason there aren't more women in IT, BECAUSE THEY DON'T WANT TO. Problem solved! And it didn't take a CEO solve it... as usual.
White Papers
Video
1 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Talk about vendor lock in...
Latest Comment: Talk about vendor lock in...
Current Issue
Building and Managing an IT Security Operations ProgramAs cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
How Enterprises Are Developing Secure Applications
IT security and application development are disparate processes that are increasingly coming together. Here's a look at how that's happening.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2019-11816
PUBLISHED: 2019-05-20
PUBLISHED: 2019-05-20
PUBLISHED: 2019-05-20
PUBLISHED: 2019-05-20
PUBLISHED: 2019-05-20
From DHS/US-CERT's National Vulnerability Database CVE-2019-11816
PUBLISHED: 2019-05-20
Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator via a specially crafted request.
CVE-2019-10076PUBLISHED: 2019-05-20
A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
CVE-2019-10077PUBLISHED: 2019-05-20
A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
CVE-2019-10078PUBLISHED: 2019-05-20
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable.
CVE-2019-12239PUBLISHED: 2019-05-20
The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2019 UBM, All rights reserved
Tweet This
User Rank: Apprentice
5/21/2018 | 12:37:07 PM
Rob Clyde with ISACA recently noted their research on the topic: https://www.linkedin.com/pulse/isaca-data-diversity-issues-rob-clyde/
"An overall 31-point gap was found when it came to male and female perceptions of career advancement opportunities for women, compared to a 10-point gap for those with diversity programs in place within their organization"
If there continues to be a perception that women do not have the same advancement opportunities as men in IT and cyber security, fewer are likely choose to pursue it as a career path. ISACA research data indicates that programs may help or at least change perceptions about advancement opportunities. Programs are a start, but I do not think that they alone can drive the shift that is needed. The points raised about merit and hiring the best candidate are solid ones, yet there's a need for cyber security leaders take action to address both the perceptions and realities of the issue so that we have a larger talent pool of both women and men to fill the need for cyber security professionals.
Full report from ISACA at: https://cybersecurity.isaca.org/state-of-cybersecurity