
6/6/2014
05:32 PM
Marilyn Cohodas
Commentary

Dark Reading Radio: Breaking the Glass Ceiling in InfoSec

Join the discussion about the challenges and rewards of being a woman in IT security from the vantage point of three accomplished security professionals. Wednesday, June 11, 2014 at 1:00 p.m. ET

"Lean in," says Facebook COO Sheryl Sandberg in her best-selling 2013 book of the same name, which advises women on how to shatter glass ceilings in tech and other male-dominated industries. But, as any woman in tech will tell you, the challenges today are daunting.

The numbers say a lot, especially in a field where there is a gigantic skills shortage: According to the recently released InformationWeek IT Salary Survey, women comprise only 14% of security staff positions, just 10% of management roles, and female managers earn about $27,000 less than their male counterparts.  

Even more disconcerting is research from the Center for Talent Innovation, which reports that while roughly 50% of STEM program graduates are women, women working in high-tech fields are 45% more likely than their male peers to leave the industry within a year of entering it.

In our next episode of Dark Reading Radio on Wednesday, June 11, 2014 at 1:00 p.m. ET (10:00 a.m. PT), I’ll be leading a panel discussion about the challenges and opportunities for women in IT security. In addition to the issues of the gender gap and pay equity, we'll be talking about the psychic rewards of a career in the security field -- things like learning, camaraderie, and fighting the good fight. Our panelists will also share some of their hard-earned wisdom about how to get ahead in a man's world.

Let me tell you a little bit about our guest speakers:

Lysa Myers began her tenure in malware research labs in the weeks before the Melissa virus outbreak in 1999. Over the years, Lysa has worked both within antivirus research labs, finding and analyzing new malware, and within the third-party testing industry to evaluate the effectiveness of security products. As a Security Researcher for ESET, she currently focuses on providing practical analysis and advice of security trends and events.

Marisa Fagan is a community manager at Bugcrowd where she oversees 7,000 security researchers. Before that, Marisa was a member of the Facebook product security team responsible for the Facebook Bug Bounty, and she managed penetration testing and research projects at Errata Security. Marisa is a co-founder of the Bay Area hacker con, BayThreat, in Mountain View, Calif.

Kerstyn Clover is a consultant on the SecureState Attack and Defense Team, where she works with a broad range of organizations across a variety of industries on security assessments including incident response, forensic analysis, and social engineering.

I hope you’ll join us on Wednesday for what promises to be an exciting discussion about opportunities in the security industry from the vantage point of three professional women with stellar resumes and a passion about their work. You can post your comments below or bring them to the Dark Reading radio studio. I look forward to seeing you there. 

Marilyn has been covering technology for business, government, and consumer audiences for over 20 years. Prior to joining UBM, Marilyn worked for nine years as editorial director at TechTarget Inc., where she launched six Websites for IT managers and administrators supporting ...
Comments
Marilyn Cohodas,
User Rank: Strategist
6/12/2014 | 10:00:08 AM
Thanks to all for a fantastic radio show and discussion.
You can still listen to the broadcast and read (and add to) the commentary. Just go to our Dark Reading Radio studio and start the audio player.
Marilyn Cohodas,
User Rank: Strategist
6/11/2014 | 10:54:36 AM
Link to the Radio Show
We're just a few hours away from today's Radio Show. Here's the link to our studio where you can listen to the panel discussion and chat live with your peers. 

http://www.darkreading.com/radio.asp?webinar_id=93

See you at 1 pm ET/10 am PT. 
Marilyn Cohodas,
User Rank: Strategist
6/10/2014 | 3:52:21 PM
Re: Question to the Panelists
Looking forward to "seeing" some new names & "faces" tomorrow for our Radio Show but if our date and time doesn't fit into your schedule please be sure to post your comments or questions here. Of course, we are an equal opportunity radio broadcast so if you aren't a woman in IT but work with one, are friends with one, or are related to one, we welcome you to the discussion as well.
Marilyn Cohodas,
User Rank: Strategist
6/9/2014 | 11:50:19 AM
Re: Question to the Panelists
Thanks for the clarifications. I'll make sure that gets asked during the broadcast or text chat on Wednesday. I hope you can make it -- then you can ask it yourself.

Marilyn
SecOpsSpecialist,
User Rank: Moderator
6/9/2014 | 11:48:08 AM
Re: Question to the Panelists
Marilyn,

What I'm asking specifically is in their experience, they may have run into the perpetual issue where others in the field, or customers, do not believe that they have the technical chops to know what they are talking about, as such, how have they dealt with that adversity? What did they do to overcome it? How did they not let it bother them?

 

Sorry, should have been a touch more specific.
Marilyn Cohodas,
User Rank: Strategist
6/9/2014 | 11:41:47 AM
Re: Question to the Panelists
Thanks for your comment and question @SecOpsSpecialist.  I'm a little unclear about what you are asking. Do you mean your male colleagues don't think you have the appropriate knowledge and understanding of the job and the underlying technology? 

 
SecOpsSpecialist,
User Rank: Moderator
6/9/2014 | 11:21:46 AM
Question to the Panelists
As a female security professional, I've been finding this one common theme in the computer STEM field:

Women are not expecting to know anything about their job or how a computer works.

 

As women in the Security field and the computer field which is male-dominated, how do you respond when you have to interact with someone who clearly views you as inferior to them? How do you get around it?
Marilyn Cohodas,
User Rank: Strategist
6/9/2014 | 9:38:59 AM
Re: Lysa Myers
Thanks for your comment, @christianbryan! This is indeed a great panel and it's one that is open to everyone -- not just for women in InfoSec. Fathers, brothers and colleagues of women in InfoSec. Please come and add your voice and views to the discussion.
RetiredUser,
User Rank: Ninja
6/7/2014 | 10:10:23 AM
Lysa Myers
I look forward to this, especially for Lysa Myers.  I've been following her writing and enjoy her style.  This is a great panel and, as I've noted in the past, as a father of daughters - one of whom is demonstrating high-tech abilities already - I'm really happy to see role models out there to reference if either of my girls chooses a professional path in tech.