The cy­ber so­lu­tion


The Denver Post - - BUSINESS - By Ta­mara Chuang

Ina room heavy with testos­terone at Regis Univer­sity last week­end, the col­lege team that out­wit­ted vol­un­teer hacker sat a cy ber se­cu­rity com­pe­ti­tion had four women and four men. The sec­ond-place team had two fe­males and six males. Third place? All guys. Co­in­ci­dence? The coach of the BYU team, which won the Rocky Moun­tain Re­gional Col­le­giate Cy­ber De­fense Com­pe­ti­tion for the sec­ond year in a row, doesn’t think so.

“Our team was 50 per­cent fe­male and was the same com­po­si­tion last year. In both years we are the only team na­tion­wide to be gen­der bal­anced. Last year we won re­gion­als and took num­ber two in the na­tional com­pe­ti­tion,” said coach Dale C. Rowe, an in­for­ma­tion tech­nol­ogy pro­fes­sor at BYU. “There is a huge strength to diver­sity of thought in these com­pe­ti­tions.”

The cy­ber­se­cu­rity world is scram­bling to find qual­i­fied work­ers to fill an ex­pected 1.8 mil­lion po­si­tions by 2022, ac­cord­ing to a Frost & Sul­li­van re­port. But the pool of ap­pli­cants might be larger than pre­vi­ously be­lieved, be­cause there’s grow­ing re­al­iza­tion by cy­ber­se­cu­rity ex­perts that a di­verse team is bet­ter pre­pared to iden­tify and coun­ter­act known and un­known threats. By at­tract­ing non­tra­di­tional em­ploy­ees — women and peo­ple from non­tech­ni­cal back­grounds — the in­dus­try hopes to fill open seats and take ad­van­tage of dif­fer­ent per­spec­tives.

“Dif­fer­ent skill sets are be­com­ing more val­ued in se­cu­rity in­stead of just hav­ing highly tech­ni­cal em­ploy­ees,” said Robb Reck, chief in­for­ma­tion se­cu­rity of­fi­cer at Ping Iden­tity in Den­ver. “... Any­time you can get diver­sity, you ex­pand the over­all per­spec­tive of a group.”

But it’s still a man’s world and one that has not been friendly to women em­ploy­ees, ac­cord­ing to the 2017 Global In­for­ma­tion Se­cu­rity Work­force Study, re­leased Wednes­day. The re­port — which was led by the Cen­ter for Cy­ber Safety and Ed­u­ca­tion, the non­profit (ISC)² cer­ti­fi­ca­tion group — es­ti­mates that only 11 per­cent of the world’s in­for­ma­tion se­cu­rity work­ers are women, a num­ber that has been stag­nant for the last cou­ple of years.

And 51 per­cent of the women sur­veyed said they had ex­pe­ri­enced some form of dis­crim­i­na­tion at work. Only 15 per­cent of men said they had ex­pe­ri­enced dis­crim­i­na­tion. And the women, on aver­age, had higher lev­els of ed­u­ca­tion but were paid less and held fewer lead­er­ship po­si­tions com­pared to their male co-work­ers.

“It is one thing to have the sus­pi­cion that women are feel­ing a level of dis­crim­i­na­tion. It’s a whole other thing to see it in writ­ing as a met­ric,” said Lynn Ter­wo­erds, ex­ec­u­tive di­rec­tor of the Ex­ec­u­tive Women’s Fo­rum, a part­ner on the re­port. “... It’s not a mo­ti­va­tor to come to the pro­fes­sion or stay in the pro­fes­sion.”

Dis­crim­i­na­tion re­ported by the women ranged from un­con­scious bias (87 per­cent) to to­kenism (22 per­cent). Ap­prox­i­mately 53 per­cent of the women said there was an un­ex­plained de­lay or de­nial of ca­reer ad­vance­ment, while 29 per­cent said dis­crim­i­na­tion came in the form of an “ex­ag­ger­ated high­light­ing of a mis­take or er­ror.” And 19 per­cent said dis­crim­i­na­tion was out­right overt.

Com­pa­nies that ac­knowl­edge bias and cre­ate sup­port and men­tor­ship groups for women say their cy­ber­se­cu­rity teams fare bet­ter in hir­ing and re­tain­ing women, said Joyce Brocaglia, CEO of cy­ber­se­cu­rity staffing firm Alta As­so­ciates and founder of the Ex­ec­u­tive Women’s Fo­rum.

“In­ter­est­ingly enough, the cor­po­ra­tions in­volved in Ex­ec­u­tive Women’s Fo­rum and in en­gag­ing women tend to have a higher per­cent­age of women than the norm,” Brocaglia said. “Women who are given op­por­tu­ni­ties and ac­cess to spon­sor­ship and men­tor­ing pro­grams feel more sat­is­fied with their ca­reer and job. I can make a leap of faith (and say) that if you feel more sat­is­fied and val­ued, you tend to stay with a com­pany.”

The re­port of­fered prac­ti­cal ways to at­tract and re­tain women: End pay in­equity, iden­tify bias in re­cruit­ing and per­for­mance eval­u­a­tions, value dif­fer­ent ed­u­ca­tional back­grounds and make the work­place more in­clu­sive.

A di­verse work­force ex­tends be­yond gen­der. Peo­ple from dif­fer­ent eth­nic, cul­tural, fi­nan­cial and ed­u­ca­tional back­grounds and ex­pe­ri­ences bring dif­fer­ent in­sight to prob­lem solv­ing. You don’t need a science, tech­nol­ogy, en­gi­neer­ing or math back­ground to suc­ceed in cy­ber­se­cu­rity, Brocaglia said.

“I walked away from writ­ing a dis­ser­ta­tion on some Latin poet to work­ing for 20 years at Bar­clay’s Bank, Mi­crosoft and Or­a­cle,” Ter­wo­erds said. “... If I put my ex­ec­u­tive search hat on, when we fill jobs for a CISO (chief in­for­ma­tion se­cu­rity of­fi­cer), they’re ask­ing me to find some­one with strong busi­ness acu­men and a strong leader who can ar­tic­u­late con­cepts and is­sues that the board can un­der­stand. None of those things are spe­cific to hav­ing a tech­nol­ogy de­gree . ... Gone are the days that cy­ber­se­cu­rity is some geeky per­son wear­ing a hoodie and star­ing at a com­puter.”

Change is oc­cur­ring at schools, which en­cour­age diver­sity in var­i­ous ways among all age groups. Regis Univer­sity, for ex­am­ple, hosts cod­ing pro­grams for girls, such as CoderDojo and a Cy­ber­girlz day-long event April 1.

“If you look at the em­ploy­ment pic­ture in Den­ver and Colorado, there are more (tech) jobs than there are peo­ple,” said Shari Plantz-Masters, aca­demic dean of Regis’ Col­lege of Com­puter & In­for­ma­tion Sci­ences. “The only way we can (solve) it is to in­spire a pas­sion in young peo­ple.”

Over at Se­cureSet Academy, a cy­ber­se­cu­rity boot camp in Den­ver, a new pro­gram is meant to ap­peal to peo­ple who don’t have a tech­ni­cal back­ground. Its new “hunt an­a­lyst” role was set up to train creative an­a­lyt­i­cal types to work along­side se­cu­rity en­gi­neers. Even­tu­ally they will be hired to an­a­lyze IT en­vi­ron­ments and set traps for hack­ers. Peo­ple who are good at math, so­cial science and busi­ness and have a knack with creative so­lu­tions are en­cour­aged to ap­ply to the 12-week pro­gram that starts May 1 (de­tails at se­cure­se­ta­

More women are al­ready in­ter­ested, said Bret Fund, a founder of Se­cureSet Academy. At its cy­ber­se­cu­rity meet-ups, about 30 per­cent of the peo­ple gath­ered are women. He ex­pects women will make up 40 to 50 per­cent of the new hunt an­a­lyst pro­gram stu­dents.

“We can’t speak to all the rea­sons why women are un­der­rep­re­sented in STEM ca­reers, but we can all agree that there aren’t enough women par­tic­i­pat­ing,” Fund said. “We an­tic­i­pate that the unique mix of an­a­lyt­i­cal and tech­ni­cal skills re­quired of hunt an­a­lysts will cre­ate a big, bright door­way into the in­dus­try that more women will walk through rel­a­tive to most other tech ca­reer fields.”

Rowe, BYU’s win­ning cy­ber-de­fense coach, said he strives to have fe­male rep­re­sen­ta­tion on his teams.

At the re­gional com­pe­ti­tion last week­end, BYU stu­dents Sarah Cunha and Ha­ley Den­nis man­aged the fire­walls and net­work­ing, which were crit­i­cal to the win. With two con­sec­u­tive re­gional ti­tles plus plac­ing sec­ond na­tion­wide last year, BYU’s diver­sity tac­tic is get­ting no­ticed.

“I know re­cruiters have also taken no­tice. Women from our pro­gram are whipped up for in­tern­ships and place­ments with ex­tra­or­di­nary ra­pid­ity,” Rowe said. “They are smart, highly trained, con­fi­dent, and think dif­fer­ently to the cur­rent work­force male ma­jor­ity — so it makes sense. With the type and scale of cy­ber at­tacks we see on an al­most daily ba­sis, this is be­com­ing crit­i­cal.”

The guys on the team no­tice the dif­fer­ence too.

“I hon­estly be­lieve that a gen­der bal­ance def­i­nitely helps us and that the team feels the same way,” said Hans Farn­bach, a BYU se­nior. “... Even if the dif­fer­ent per­spec­tive that is of­fered isn’t 100 per­cent im­ple­mented in the end, the in­flu­ence it cre­ated in the brain­storm­ing process most likely changed the fi­nal so­lu­tion for the bet­ter.

“That isn’t to say that ev­ery­one on our team isn’t in­cred­i­bly tal­ented, but the gen­der diver­sity gives us an ex­tra leg up on the com­pe­ti­tion. Hard work and ded­i­ca­tion will al­ways out­per­form the ge­netic lot­tery of gen­der, but if I had to bet on a team of all men, all women, or 50-50 split, I would put my money on the gen­der-di­verse team ev­ery time.”

“Gone are the days that cy­ber­se­cu­rity is some geeky per­son wear­ing a hoodie and star­ing at a com­puter.” Lynn Ter­wo­erds, ex­ec­u­tive di­rec­tor of the Ex­ec­u­tive Women’s Fo­rum

Joshua Mas­saro, Mas­saro Im­ages

Stu­dents from Brigham Young Univer­sity in Provo, Utah, won the Rocky Moun­tain Re­gional Col­le­giate Cy­ber De­fense Com­pe­ti­tion at Regis Univer­sity in Den­ver last week­end. Coach Dale C. Rowe, an in­for­ma­tion tech­nol­ogy pro­fes­sor at BYU, cred­ited the team’s gen­der bal­ance — four men and four women — for the vic­tory. “There is a huge strength to diver­sity of thought in these com­pe­ti­tions,” Rowe said.

Ten col­lege teams par­tic­i­pated in the Rocky Moun­tain Re­gional Col­le­giate Cy­ber De­fense Com­pe­ti­tion at Regis Univer­sity in Den­ver last week­end. BYU was the win­ner. Joshua Mas­saro, Mas­saro Im­ages

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.