Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Database Security
Authentication
Mobile
Privacy
Compliance
Careers and People
Identity & Access Management
Security Monitoring
Advanced Threats
Insider Threats
Vulnerability Management
Comments
New Initiative Aims to Fast-Track Women into Cybersecurity Careers
Newest First  |  Oldest First  |  Threaded View
blackjack0021
50%
50%
blackjack0021,
 User Rank: Apprentice
5/20/2019 | 10:27:09 AM
more on ramps needed
The article clearly states this is for entry level on ramp training into the field (beginner certs), not instant expert status. 

There is always resistance to any novel idea to get people in to the Security (or IT) field, even if it's entry level and even if it's capturing people already skilled in other areas.  That's entirely predictable if we understand that we all self-justify and think the only path that is "good" is the one we took.  You see those arguments constantly re: degress are good vs. bad, certs are good vs. bad, etc.  So unless YOU had something like a 3-4 month boot camp on ramp then it sounds like a bad idea?  "It's not how I did it!" crows the peacock!  We need to realize how other people get into the field doesn't undermine our achievements and get over it.  Then there is the whole fear of competition, change, or whatever.  The Security field has a lot of change and competition in it... so let's get past that and just pull up our big people pants. Get to work solving the problem instead of causing more resistance.

One of the key global competitve advantages is getting ALL your smart people working on tough problems, as opposed to letting societal frameworks narrowly restrict your talent pool.  Being good at Security has little to do with a demographic, because your individual characterists (e.g. persistence, analytics, vision, etc.) that make you good at this line of work (or not) always trumps any generic demographic stereotypes.  So a targeted outreach to attract an otherwise alienated talent pool (and half the population at that) is a good idea if it brings more smart, talented, and competent people to work on Security problems, right?  

 
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
 User Rank: Strategist
5/17/2019 | 3:04:24 PM
Re: A worthwhile initiative
Agreed, and all on point. Thank you for sharing your insight here.

 
secdatanoms
100%
0%
secdatanoms,
 User Rank: Author
5/16/2019 | 12:43:13 PM
A worthwhile initiative
Unfortunately, some of the initial comments to this post fail to recognize the impact that history has on society, including opportunity and hiring. Look around at most tech companies, including the vast majority in the infosec space, and you will see people that all look alike (... like me). This initiative is recognition that we need to encourage the development of talented people across gender and racial lines. We will all benefit from the inclusion of diverse backgrounds, ideologies, and ways of thinking.

The 2019 Fortune 500 list just came out and people are celebrating 6.6% of CEOs being women. Women account for >50% of the US population. Hopefully, people recognize the "improvement" as a small step in the right direction - not the finish line. Minorities face similar statistical discrepancies with regard to their representation in tech and tech leadership. More companies should be running their own talent incubators, so that it isn't such a foreign idea to help 100 women. Kudos to Carmen Marsh for stepping into the gap and trying to help close it.
REISEN1955
50%
50%
REISEN1955,
 User Rank: Ninja
5/15/2019 | 9:50:51 AM
Re: This is why we have a mess in his country
Agree - hiring should always be based on skill set and ability and all other factors secondary.  Oh you can have affirmative action policies to a degree and then one does not hire a highly skilled poodle for a job but it should be, and often is not, based just on skills and abilities.  In a perfect world............ More women ARE needed and more MEN with skills ARE needed too.  Our skill shortage set is pretty bad right now.   Poodles need not apply. LOL.  ( Full disclosure - I own a rescue Maltipoo.)
cerminqqbiz
50%
50%
cerminqqbiz,
 User Rank: Apprentice
5/13/2019 | 7:57:46 AM
Re: This is why we have a mess in his country
very nice :)
Yenrab
0%
100%
Yenrab,
 User Rank: Strategist
5/10/2019 | 1:14:09 PM
Re: This is why we have a mess in his country
So, perhaps you are young and misguided thus you missed the point.  Hiring should be color blind, sex blind, everything blind.  Simply put, when it's do or die (I'll bet you've never been there), you go for the most qualified.  We're not talking about a mailroom or table server position here, we're talking about keeping the enemy from the gates where you have to get it correct EVERY time where as the bad guys only have to get it correct ONCE.  I have no fear of losing my job to Mexicans or anybody else.  I just lament the basic lack of todays "yout" not being able to understand the difference between being created equal, and forcing or even expecting equal outcomes.  If you have to give someone an "extra boost" or other preferential treatment you are essentially saying they are incapable of performing on a level playing field and they are incompetent idiots.  That is extremely denigrating to those purporting to be helped.
schopj
75%
25%
schopj,
 User Rank: Strategist
5/10/2019 | 10:21:28 AM
Re: This is why we have a mess in his country
If you have a few years or decades of experience, you should have no trouble getting hired on in security over these women.  Your concerns are sexist nonsense, similar to the racist nonsense we see in the US where people are afraid of poor uneducated Mexicans stealing their jobs.  The reality is there are more jobs in Infosec to go around then there are skilled workers.  This initiative aims to fill some of those empty slots that current, experienced InfoSec professionals are unable to fill due to lack of numbers.  It also aims to target women due to the underrepresentation of women in infosec.  Any male with appropriate skills and training or experience should have no fear of losing out on a job "because of whats between their legs".  Thats just sexist nonsense that shows how ignorant you are.  
Yenrab
25%
75%
Yenrab,
 User Rank: Strategist
5/10/2019 | 9:42:39 AM
This is why we have a mess in his country
At the risk of being politically incorrect, are we now less concerned with someone's skill set then we are with what may or may not be between their legs?  No way 100 days of training compares with a few years (or decades) of security experience.  But wait, after all they are girls and deserve a chance regardless if we get hacked on their first watch and all of our companies trade secrets have been compromised, at least we feel good about ourselves.  Is the next step to allow foreign agents into the gates because they "self-identify" as patriotic Americans?  Sheesh!


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3903
PUBLISHED: 2021-10-27
vim is vulnerable to Heap-based Buffer Overflow
CVE-2021-41191
PUBLISHED: 2021-10-27
Roblox-Purchasing-Hub is an open source Roblox product purchasing hub. A security risk in versions 1.0.1 and prior allowed people who have someone's API URL to get product files without an API key. This issue is fixed in version 1.0.2. As a workaround, add `@require_apikey` in `BOT/lib/cogs/website....
CVE-2021-1115
PUBLISHED: 2021-10-27
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs, where an attacker with local unprivileged system access may cause a NULL pointer dereference, which may lead to denial of service in a component beyond the vulnerable co...
CVE-2021-1116
PUBLISHED: 2021-10-27
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.
CVE-2021-1117
PUBLISHED: 2021-10-27
Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where an attacker through specific configuration and with local unprivileged system access may cause improper input validation, which may lead to denial of service.