Today I realized it was October 11th – and while many Canadians are returning to work after a long Thanksgiving weekend, quite a few people have taken further time off to be thankful with their friends and families. Yet for others across the globe – Today is known as the International Day of the Girl . So to honor the day – I have decided to finally speak up as a woman in information security – at least a little bit.
It is damn hard – no easy feat – being a woman in security . It can be demotivating and heartbreaking, thrilling and intense, but it is NEVER boring. With women only making up around 10% of the workforce – something needs to change and to be completely honest – I am not even sure what does. Businesses and governments are spending big money to try and attract women into these fields – but why? There is already a huge worker shortage as we all know – so why focus only on one gender? I really want women to be in this field, especially after having a handful of years of experience behind me and I only ever worked with about two other women in technology. I say technology – and not security – because one was a webmaster and one was web support – not exactly information security to say the least.
I have a huge issue with not enough women in the field but I also have a major issue with employershiring women for the sake of hiring women. Hiring a woman to check off that minority checkbox is a big no-no. I once worked as a security administrator for a medium-sized company with around 1500 active users. Acting as level 2 support for various issues we constantly received tickets from level 1 support. Level 1 support had their own manager, a woman with minimal IT experience and it showed everytime. It made our job just that much harder because she didn’t know basic help desk responsibilities.
So what are we as a community going to do about this? There’s constantly workshops and webinars , videos and money being spent on this issue – so why haven’t we seen any results? #GirlsBelongHere in this field and they need to be told. The visibility of information security still feels next to non-existent the moment you talk to anyone who DOESN’T work in technology . Want to see what I mean? Ask anyone who works with a computer this question. “When you take a break and you walk away from your PC – what is the last thing you do before you leave your desk?” Most will respond slightly confused and unsure of where you are going with the question. If you are looking for the correct answer – it is usually along the lines of locking your computer. Many professionals outside of technology – especially outside of security, may not think twice about leaving their computers unlocked. security awareness needs to improve in general – for everyone at this point.
Upon my research though I did discover NICE – The National Initiative for Cybersecurity Education led by NIST – The National Institute of standards and Technology. To take directly from their website at csrc.nist.gov/nice/about:
The National Initiative for Cybersecurity Education (NICE), led by the National Institute of Standards and Technology (NIST), is a partnership between government, academia, and the private sector focused on cybersecurity education, training, and workforce development. The mission of NICE is to energize and promote a robust network and an ecosystem of cybersecurity education, training , and workforce development. NICE fulfills this mission by coordinating with government, academic, and industry partners to build on existing successful programs, facilitate change and innovation, and bring leadership and vision to increase the number of skilled cybersecurity professionals helping to keep our Nation secure.
I believe as a whole community – we are going to need to work together to push security to the front lines. It doesn’t matter if you are near retirement or if you are starting your first job as a teenager, everyone is affected by security and they need to be made aware. I’m going to keep an eye out for any initiatives that I can become a part of and volunteer for and preach security any chance I get to those that will listen – what are you going to do?
Society for Canadian Women in Science and Technology – http://www.scwist.ca/
Canadian Coalition of Women in Engineering, Science, Trades and Technology –http://www.ccwestt.org/default.aspx
If you know of any other great initiatives in or outside of Canada, please list them in the comments below!
A great whitepaper can also be found on the statistics of women in security that I suggest you check out from Frost & Sullivan entitled Women in Security: Wisely Positioned for the Future of InfoSec –https://www.isc2cares.org/uploadedFiles/wwwisc2caresorg/Content/GISWS/2015-Women-In-Security-Study.pdf