Women in IT Security
I recently had a conversation with a former student of mine about the number of women in the Information Security profession compared to their male counterparts. She has particular interest in web application security and I pointed her to the Open Web Application Security Project (OWASP) which was having its annual conference in the DC area. She actually volunteered at the event (even brought me a nifty OWASP tote bag)and was later lamenting the fact that in most of the workshops, she was the only woman in the room. Without relaying our entire conversation or pontificating on the subject, I was reminded of that conversation twice this week. Once when I had a meeting with Security Risk Manager at a large corporation who turned out to be a woman and earlier today I came across this paper on Women in IT Security Project Management while perusing the SANS Institute InfoSec Reading Room. The author’s stated purpose is to ” determine if there is a common skill set, besides technical expertise, which play an important role in thriving within the IT security profession” and how “well equipped” women are to take on that role. The paper can be found here. I thought I’d share.
|
William J McBorrough is a Security Expert with many years of success Managing, Designing, and Implementing medium and large enterprise Physical and Information Technology Security Solutions. His experience spans the spectrum from small e-commerce start-ups to multi-campus state and federal agencies to global financial sector organizations. He is on the faculty of various universities including University of Maryland University College, EC-Council University, George Mason University and Northern Virginia Community College where he conducts research and teach graduate and undergraduate courses relating to cybersecurity, cybercrime, cyberterrorism, and information security and assurance. He holds a Bachelors of Science in Computing Engineering with a concentration in digital networks and a Masters of Science in Information Security and Assurance. He is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk Information System Control (CRISC), and Certified Ethical Hacker (CEH).He is well versed in personnel, systems and network security risk management. His core competencies include Developing cost effective solutions to enable mission assurance in the following areas: Enterprise Risk Management, IT Governance, Security Organization Development, Information Security and Assurance
|
Related posts:
- 2010 CyberSecurity Watch Survey
Cybercrime threats posed to targeted organizations are increasing faster than many organizations can combat them, according to the 2010 CyberSecurity Watch Survey conducted by CSO magazine, the leading resource for... - Is targeted botnets the next wave?
Comments on the targeted botnet attacks being used to greater paydays for hackers.... - SMB Cyber Security Alliance helps Small Businesses address Cyber Security Risks
Across all industries, small businesses are increasingly facing new threats related to cyber security. Whereas some have taken minimum steps to address these threats but most have not. New security... - Pentagon and Congress wants control of your network during cyberattack
There has been a lot of chatter in the news lately about the possibility of a “widespread coordinated” cyber attack against our critical infrastructure and our ability to successfully defend...