Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
New Initiative Aims to Fast-Track Women into Cybersecurity Careers
Newest First  |  Oldest First  |  Threaded View
blackjack0021
50%
50%
blackjack0021,
User Rank: Apprentice
5/20/2019 | 10:27:09 AM
more on ramps needed
The article clearly states this is for entry level on ramp training into the field (beginner certs), not instant expert status. 

There is always resistance to any novel idea to get people in to the Security (or IT) field, even if it's entry level and even if it's capturing people already skilled in other areas.  That's entirely predictable if we understand that we all self-justify and think the only path that is "good" is the one we took.  You see those arguments constantly re: degress are good vs. bad, certs are good vs. bad, etc.  So unless YOU had something like a 3-4 month boot camp on ramp then it sounds like a bad idea?  "It's not how I did it!" crows the peacock!  We need to realize how other people get into the field doesn't undermine our achievements and get over it.  Then there is the whole fear of competition, change, or whatever.  The Security field has a lot of change and competition in it... so let's get past that and just pull up our big people pants. Get to work solving the problem instead of causing more resistance.

One of the key global competitve advantages is getting ALL your smart people working on tough problems, as opposed to letting societal frameworks narrowly restrict your talent pool.  Being good at Security has little to do with a demographic, because your individual characterists (e.g. persistence, analytics, vision, etc.) that make you good at this line of work (or not) always trumps any generic demographic stereotypes.  So a targeted outreach to attract an otherwise alienated talent pool (and half the population at that) is a good idea if it brings more smart, talented, and competent people to work on Security problems, right?  

 
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
5/17/2019 | 3:04:24 PM
Re: A worthwhile initiative
Agreed, and all on point. Thank you for sharing your insight here.

 
secdatanoms
100%
0%
secdatanoms,
User Rank: Author
5/16/2019 | 12:43:13 PM
A worthwhile initiative
Unfortunately, some of the initial comments to this post fail to recognize the impact that history has on society, including opportunity and hiring. Look around at most tech companies, including the vast majority in the infosec space, and you will see people that all look alike (... like me). This initiative is recognition that we need to encourage the development of talented people across gender and racial lines. We will all benefit from the inclusion of diverse backgrounds, ideologies, and ways of thinking.

The 2019 Fortune 500 list just came out and people are celebrating 6.6% of CEOs being women. Women account for >50% of the US population. Hopefully, people recognize the "improvement" as a small step in the right direction - not the finish line. Minorities face similar statistical discrepancies with regard to their representation in tech and tech leadership. More companies should be running their own talent incubators, so that it isn't such a foreign idea to help 100 women. Kudos to Carmen Marsh for stepping into the gap and trying to help close it.
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
5/15/2019 | 9:50:51 AM
Re: This is why we have a mess in his country
Agree - hiring should always be based on skill set and ability and all other factors secondary.  Oh you can have affirmative action policies to a degree and then one does not hire a highly skilled poodle for a job but it should be, and often is not, based just on skills and abilities.  In a perfect world............ More women ARE needed and more MEN with skills ARE needed too.  Our skill shortage set is pretty bad right now.   Poodles need not apply. LOL.  ( Full disclosure - I own a rescue Maltipoo.)
cerminqqbiz
50%
50%
cerminqqbiz,
User Rank: Apprentice
5/13/2019 | 7:57:46 AM
Re: This is why we have a mess in his country
very nice :)
Yenrab
0%
100%
Yenrab,
User Rank: Strategist
5/10/2019 | 1:14:09 PM
Re: This is why we have a mess in his country
So, perhaps you are young and misguided thus you missed the point.  Hiring should be color blind, sex blind, everything blind.  Simply put, when it's do or die (I'll bet you've never been there), you go for the most qualified.  We're not talking about a mailroom or table server position here, we're talking about keeping the enemy from the gates where you have to get it correct EVERY time where as the bad guys only have to get it correct ONCE.  I have no fear of losing my job to Mexicans or anybody else.  I just lament the basic lack of todays "yout" not being able to understand the difference between being created equal, and forcing or even expecting equal outcomes.  If you have to give someone an "extra boost" or other preferential treatment you are essentially saying they are incapable of performing on a level playing field and they are incompetent idiots.  That is extremely denigrating to those purporting to be helped.
schopj
75%
25%
schopj,
User Rank: Strategist
5/10/2019 | 10:21:28 AM
Re: This is why we have a mess in his country
If you have a few years or decades of experience, you should have no trouble getting hired on in security over these women.  Your concerns are sexist nonsense, similar to the racist nonsense we see in the US where people are afraid of poor uneducated Mexicans stealing their jobs.  The reality is there are more jobs in Infosec to go around then there are skilled workers.  This initiative aims to fill some of those empty slots that current, experienced InfoSec professionals are unable to fill due to lack of numbers.  It also aims to target women due to the underrepresentation of women in infosec.  Any male with appropriate skills and training or experience should have no fear of losing out on a job "because of whats between their legs".  Thats just sexist nonsense that shows how ignorant you are.  
Yenrab
25%
75%
Yenrab,
User Rank: Strategist
5/10/2019 | 9:42:39 AM
This is why we have a mess in his country
At the risk of being politically incorrect, are we now less concerned with someone's skill set then we are with what may or may not be between their legs?  No way 100 days of training compares with a few years (or decades) of security experience.  But wait, after all they are girls and deserve a chance regardless if we get hacked on their first watch and all of our companies trade secrets have been compromised, at least we feel good about ourselves.  Is the next step to allow foreign agents into the gates because they "self-identify" as patriotic Americans?  Sheesh!


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-41393
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations.
CVE-2021-41394
PUBLISHED: 2021-09-18
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows alteration of build artifacts in some situations.
CVE-2021-41395
PUBLISHED: 2021-09-18
Teleport before 6.2.12 and 7.x before 7.1.1 allows attackers to control a database connection string, in some situations, via a crafted database name or username.
CVE-2021-3806
PUBLISHED: 2021-09-18
A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system.
CVE-2021-41392
PUBLISHED: 2021-09-17
static/main-preload.js in Boost Note through 0.22.0 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal Electron API.