Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
New Initiative Aims to Fast-Track Women into Cybersecurity Careers
Newest First  |  Oldest First  |  Threaded View
blackjack0021
50%
50%
blackjack0021,
User Rank: Apprentice
5/20/2019 | 10:27:09 AM
more on ramps needed
The article clearly states this is for entry level on ramp training into the field (beginner certs), not instant expert status. 

There is always resistance to any novel idea to get people in to the Security (or IT) field, even if it's entry level and even if it's capturing people already skilled in other areas.  That's entirely predictable if we understand that we all self-justify and think the only path that is "good" is the one we took.  You see those arguments constantly re: degress are good vs. bad, certs are good vs. bad, etc.  So unless YOU had something like a 3-4 month boot camp on ramp then it sounds like a bad idea?  "It's not how I did it!" crows the peacock!  We need to realize how other people get into the field doesn't undermine our achievements and get over it.  Then there is the whole fear of competition, change, or whatever.  The Security field has a lot of change and competition in it... so let's get past that and just pull up our big people pants. Get to work solving the problem instead of causing more resistance.

One of the key global competitve advantages is getting ALL your smart people working on tough problems, as opposed to letting societal frameworks narrowly restrict your talent pool.  Being good at Security has little to do with a demographic, because your individual characterists (e.g. persistence, analytics, vision, etc.) that make you good at this line of work (or not) always trumps any generic demographic stereotypes.  So a targeted outreach to attract an otherwise alienated talent pool (and half the population at that) is a good idea if it brings more smart, talented, and competent people to work on Security problems, right?  

 
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
5/17/2019 | 3:04:24 PM
Re: A worthwhile initiative
Agreed, and all on point. Thank you for sharing your insight here.

 
secdatanoms
100%
0%
secdatanoms,
User Rank: Author
5/16/2019 | 12:43:13 PM
A worthwhile initiative
Unfortunately, some of the initial comments to this post fail to recognize the impact that history has on society, including opportunity and hiring. Look around at most tech companies, including the vast majority in the infosec space, and you will see people that all look alike (... like me). This initiative is recognition that we need to encourage the development of talented people across gender and racial lines. We will all benefit from the inclusion of diverse backgrounds, ideologies, and ways of thinking.

The 2019 Fortune 500 list just came out and people are celebrating 6.6% of CEOs being women. Women account for >50% of the US population. Hopefully, people recognize the "improvement" as a small step in the right direction - not the finish line. Minorities face similar statistical discrepancies with regard to their representation in tech and tech leadership. More companies should be running their own talent incubators, so that it isn't such a foreign idea to help 100 women. Kudos to Carmen Marsh for stepping into the gap and trying to help close it.
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
5/15/2019 | 9:50:51 AM
Re: This is why we have a mess in his country
Agree - hiring should always be based on skill set and ability and all other factors secondary.  Oh you can have affirmative action policies to a degree and then one does not hire a highly skilled poodle for a job but it should be, and often is not, based just on skills and abilities.  In a perfect world............ More women ARE needed and more MEN with skills ARE needed too.  Our skill shortage set is pretty bad right now.   Poodles need not apply. LOL.  ( Full disclosure - I own a rescue Maltipoo.)
cerminqqbiz
50%
50%
cerminqqbiz,
User Rank: Apprentice
5/13/2019 | 7:57:46 AM
Re: This is why we have a mess in his country
very nice :)
Yenrab
0%
100%
Yenrab,
User Rank: Strategist
5/10/2019 | 1:14:09 PM
Re: This is why we have a mess in his country
So, perhaps you are young and misguided thus you missed the point.  Hiring should be color blind, sex blind, everything blind.  Simply put, when it's do or die (I'll bet you've never been there), you go for the most qualified.  We're not talking about a mailroom or table server position here, we're talking about keeping the enemy from the gates where you have to get it correct EVERY time where as the bad guys only have to get it correct ONCE.  I have no fear of losing my job to Mexicans or anybody else.  I just lament the basic lack of todays "yout" not being able to understand the difference between being created equal, and forcing or even expecting equal outcomes.  If you have to give someone an "extra boost" or other preferential treatment you are essentially saying they are incapable of performing on a level playing field and they are incompetent idiots.  That is extremely denigrating to those purporting to be helped.
schopj
75%
25%
schopj,
User Rank: Strategist
5/10/2019 | 10:21:28 AM
Re: This is why we have a mess in his country
If you have a few years or decades of experience, you should have no trouble getting hired on in security over these women.  Your concerns are sexist nonsense, similar to the racist nonsense we see in the US where people are afraid of poor uneducated Mexicans stealing their jobs.  The reality is there are more jobs in Infosec to go around then there are skilled workers.  This initiative aims to fill some of those empty slots that current, experienced InfoSec professionals are unable to fill due to lack of numbers.  It also aims to target women due to the underrepresentation of women in infosec.  Any male with appropriate skills and training or experience should have no fear of losing out on a job "because of whats between their legs".  Thats just sexist nonsense that shows how ignorant you are.  
Yenrab
25%
75%
Yenrab,
User Rank: Strategist
5/10/2019 | 9:42:39 AM
This is why we have a mess in his country
At the risk of being politically incorrect, are we now less concerned with someone's skill set then we are with what may or may not be between their legs?  No way 100 days of training compares with a few years (or decades) of security experience.  But wait, after all they are girls and deserve a chance regardless if we get hacked on their first watch and all of our companies trade secrets have been compromised, at least we feel good about ourselves.  Is the next step to allow foreign agents into the gates because they "self-identify" as patriotic Americans?  Sheesh!


Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: We need more votes, check the obituaries.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4889
PUBLISHED: 2021-01-26
IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971.
CVE-2020-4949
PUBLISHED: 2021-01-26
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192025.
CVE-2021-21275
PUBLISHED: 2021-01-25
The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of Medi...
CVE-2021-21272
PUBLISHED: 2021-01-25
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the ...
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...