Tag Archives: women

Women in infosec? That thing again?

I usually don’t weigh in on the topic, well, because I don’t have the right equipment for once, and furthermore, I think that the majority of discussions around it are led by people who woefully misrepresent most of the women in infosec that I know.

courtesy: http://meanwomensuck.com/ (seriously!)But I have to share this: Jennifer J. Minella (@jjx on twitter) posted her quick rant after hitting RSA: http://securityuncorked.com/2014/02/calling-bull-on-women-in-infosec/.

And I couldn’t agree more. I can only share my own experiences, and I’ll do it anecdotally (i.e. non-representative of frequency or quantity). First – women “empowering” other women who work together. Bad Idea. Again – anecdotally, having such a situation ends up in “cleanup on aisle 3”. Competitive, backstabbing, fame stealing, idea hogging, you name it. Someone gets hurt, and sometimes it’s not even the one in the more senior position.

The second example is layering – having mixed groups of the male and female persuasion  usually ends up in empowerment. Of both groups. Ideas that get better “QA” in their inception and formalizing phases, wider coverage of risks and development areas, and even more relaxed work environment when compared to mostly homogeneous groups. Works even better when such “layering” is also reflected in the organizational hierarchy. Men reporting to Women, who report to Men, and so on.

So there you go – a bit of good, a bit of bad, but remember again that these are just anecdotes. I’m sure that you’ll find counter-examples, and more ideas that support the “clan” model where women should stand for one another and support each other. I don’t see this as something that’s going to be better than finding out real mentors (regardless of gender) that you can learn from, and teach back. I know I have – both as a mentor, as well as a mentee or protégé (one of these words isn’t a word I suspect…).

I’ve yet to meet a women in infosec who’s been “empowered” because of other women, on the other hand I’ve met a lot of women in infosec that made it because they actively took a role in the industry, fought for their voice (just like anyone in the industry does), and didn’t give up just because they were denied. I can’t count the number of times I’ve been denied, yet we all keep working and pushing forward. Finding excuses for being rejected is easy. Either because you are a women, or maybe black, or white, or speak the wrong language, wear the wrong clothes, have a different opinion, religion, nationality – you name it. I can point out people from each one of those “traits” and show you how it never made it as an excuse in their vernacular. They just kept pushing on.