Women in security: Changing perceptions>
SC Magazine – Kate O’flaherty
Ripples of outrage spread across the cyber-security industry last week after women in red evening gowns were seen promoting a product at the Infosecurity Europe 2018 conference. The event’s organisers condemned the move, saying vendor contracts ban the use of so-called âbooth babes’. But the damage had already been done: How can industry perceptions change for the better if this is the view portrayed by security vendors themselves? Dr Jessica Barker, co-founder of Redacted Firm and a prominent voice on the speaking circuit, recalls several times she was treated a certain way for being a woman, particularly when she was at a more junior level. The problem is often assumptions led by unconscious bias, she says, citing an awkward situation at a conference when the person at the desk assumed she couldn’t be a speaker because she is a woman. âThere was no malice, she had just been seeing men all day,â she concedes. âI think women are in general brought up with more focus on communication skills,â says Barker. âI know men who are fantastic communicators, but I think having diversity in general is important because it brings in different world views and experience.â Sian John, chief security adviser at Microsoft, has just received an MBE for services to cyber-security. She was always technically talented: Her father, a maths lecturer, encouraged her abilities from a young age. In addition, she says: âI get that thing occasionally when you get judged for interrupting talking. But unlike some men, I don’t walk into a room and expect to own it and that can be the biggest advantage. People will often come back and ask me a question quietly at the end of the meeting.â Rashmi Knowles, field CTO EMEA at RSA Security, says: âOne of the reasons I did a CISSP a few years ago is: I am a woman at RSA and people would say, âare you at the right conference?’ I did it to prove my worth.â Things can be very different outside Europe and the US. Jovi Umawing, malware intelligence analyst at Malwarebytes is an IT graduate who started coding at University. She took her course in the Philippines, where women in IT aren’t unusual. But Umawing noticed a change when she moved to the UK with her current employer. Darktrace is a gender diverse firm with 40 percent female employees, run by two women CEOs, which Gustafsson says happened naturally. âWe have got to where we are today by not overthinking it,â she says. âIt helps having women at the top, so we don’t need to set up policies when we hire. At Darktrace it feels like gender is irrelevant.â Sadly, the wider industry is nowhere near reaching gender parity or equality. But focus is turning to how to attract women to apply for jobs in the first place. Indeed, experts emphasise the importance of avoiding rigid lists of requirements including security certifications when advertising for jobs in the sector. But women must be encouraged onto the right path before they enter the jobs market. It’s known the industry needs to start in schools to capture female talent early and many initiatives are already underway, such as the National Cyber Security Challenge’s Cyber First Girls Competition. This is a complex task â further compounded by the need to encourage women to take STEM subjects too. Bridget Kenyon, global CISO Thales eSecurity took further maths and physics at school and astrophysics at university. A technically talented professional, Kenyon’s CV includes a role at University of Warwick in 2006 where she was head of information security. Many issues remain but momentum is building. While the numbers remain stagnant, the industry is certainly realising that at the very root of the problem, culture needs to change.
Link: https://www.scmagazineuk.com/women-working-at-bletchley-park/article/772387/