The more you know the better, so for this article I have decided to make some research related to this month’s hot topic: WOMEN. As we know, March is the month to encourage people to be more conscious about changes that can be made to have a more balanced society and improve certain situations that are unfair. As usual, I made some lists with different content for you to read and learn, from women with important positions to organizations and key points that can be applied to progress in the cyber security industry.
Women that make a difference:
Lesley Carhart:
https://twitter.com/hacks4pancakes
Principal Threat Hunter at Dragos Inc, where every day she fights off against digital theft, hackers, and infections. Not many people can claim the practical experience she’s had over two decades.
Niloofar Howe:
https://twitter.com/niloofarhowe
Niloofar Howe is the Chief Strategy Officer at RSA, handling direction of one of the most prominent cybersecurity firms in the market and working to incorporate the needs of clients of all sizes.
Ann Barron-DiCamillo:
Ann Barron-DiCamillo is the Vice President Cyber Threat Intelligence and Incident Response at American Express. She has nearly 20 years of experience, having served as a member of the Board of Directors at FS ISAC and as Director of US CERT (Computer Emergency Readiness Team) at the Department of Homeland Security, responding to major incidents on a national level.
Runa A. Sandvik:
Runa Sandvik is the Senior Director of Information Security at the New York Times, where she helps keep the newsroom secure and teaches digital security to journalists.
Katie Moussouris:
Katie Moussouris’ reputation was cemented when she pioneered the first bug bounty program at the Department of Defense as well as Microsoft.
Organizations that help:
Women4Cyber (Created by ECSO):
An initiative to increase the participation of women in the cyber field, in order to increase the number of women workers and meet the growing demand for cybersecurity professionals in Europe.
WOMCY:
The first organization in Latin America that brings together cybersecurity professionals. It aims to increase the presence of women in the sector, and thus it promotes networking, tutoring and special programs to help promote both the careers and the perception of women in cybersecurity.
Inteligenca:
https://inteligenca.lpages.co/100-women-in-100-days/
It is an organization that supports interested women making a change in their career towards cybersecurity. They launched ‘100 Women in 100 Days,’ an initiative dedicated to informing young women about this field and helping 100 women to redirect their careers in the sector.
CybHER:
https://www.cybher.org/events/gencyber-girls-in-cybher-security-camp-2019/
Providing resources for women and girls, from college and university to their desired work position. The objective of empowering, motivating, educating and changing the perception of girls and women in cybersecurity. His most important project is the GenCyber Girls in CybHER security camp for girls with NSA support.
The Executive Women Forum (EWF):
This forum is mainly about Information Security, Risk Management and Privacy and has been counting on the participation of more than 10,000 women since its creation in 2002. Considered pioneers, they have education offers, mentoring and leadership development programs for women at all levels of their career. They also hosted a conference attended by more than 500 leading leaders.
The Cercle des Femmes of the CYberSecurité (CEFSYS):
https://cefcysblog.wordpress.com
A French organization for women in the field of cybersecurity, which is also open to men who want to work to advance the presence and impact of women in security-related professions.
Strategies we can take:
1. Support Competitions and Scholarships Specifically for Women
Host competitions like hack-a-thon or a capture the flag, specifically for women, emphasizing on hands-on security skills, teamwork and applications to real-world cybersecurity challenges.
2. Use Inclusive Language in Hiring Efforts
Advertise cybersecurity positions with language and images that are inclusive of all applicants. Do not reinforce preconceived notions about who the stereotypical hacker or engineer is.
3. Involve Women in Recruitment
Involve senior-level women directly in the interviewing and recruiting processes so applicants are aware early on that there are other women at the firm who work in this field as well as opportunities for advancement within the organization.
4. Enable Employees to Pursue External Certifications
Provide support for women to engage in external training and certification programs related to STEM and security, such as Certified Information Systems Security Professional (CISSP) training or Certified Information Security Manager (CISM) certification.
5. Offer Fair and Equitable Compensation
Compare salaries across cybersecurity roles to ensure that women are not being paid less than men for the same job. On average, according to ISC, women working in cybersecurity have higher levels of education than their male colleagues and are still paid lower salaries.
These are just some highlights of the cyber security industry, as there are many more women, organizations and strategies that make a difference each and every day. As an industry and as a society, we need to keep up our work into so that we can reach a balance to have equality.