Cyber Feminist: Enterprise Security ‘Needs More Diversity’
Add bookmarkWith an oversaturated media market and cyber security evolving each day, it’s tough to pinpoint a program that can remain informative, objective and even entertaining.
The “Task Force 7” Radio program, on the VoiceAmerica Talk Radio Network, appears to have risen to the occasion, with weekly content that cuts to the core of cyber security and stays accessible and opinionated throughout.
The Nov. 27 episode of “Task Force 7” was both news-related and thought-provoking as host and information security executive George Rettas discussed the underrepresentation of women in cyber security.
Rettas is the CEO of Task Force 7 Technologies, Inc., a company focusing on building the world’s premier Professional Cyber Security Social Network. Previously, he worked at JP Morgan Chase Bank, where he was a Managing Director with the firm's Cyber Security Team.
Rettas started Monday's program with a comprehensive review of last week’s Uber breach, which was allegedly countered at the corporate level with hush money. Rettas was then joined by Managing Director of Responsible Cyber, and cyber feminist, the Singapore-based Dr. Magda Chelly.
In kicking off the show, Rettas discussed the reported 57 million driver and rider accounts seized from Uber by hackers. Uber reportedly kept the breach secret for over a year, after paying $100,000 in “ransom hush money” to delete data and keep quiet.
The data was lifted off third-party servers; hackers then approached Uber demanding the money. Rettas said that Uber then demanded non-disclosure agreements (NDA) from the hackers.
“Really, I mean, for what?” Rettas asked. “These are criminals, possibly organized crime members. Who asks a criminal to sign an NDA?”
The host then explained how Uber executives reportedly made the ransom payout appear as a “bug bounty,” which is paid to hackers to gainfully test systems and find problems. Uber allegedly hid details of the attack until just recently.
The breach, Rettas explained, comes after Uber was already under investigation by the FBI over its use of software to track and potentially influence its competitor app, Lyft.
See Related: Cyber Security In 'State Of Flux': Q&A With FBI's Nick Savage
The second half of the show was an exhaustive discussion about the role of women in cyber security with Chelly, whose company provides cyber training and consultancy services around the world. With a PhD in telecommunication engineering, specializing in cyber security, Chelly was also nominated as a Top 50 cyber security influencer globally.
Explaining the meaning of “cyber feminist,” Chelly said, “For me, it’s basically encouraging women into cyber security and making sure we raise equal opportunities for young women who want to start a career in the field, or women already in the field, who want to…take on more leadership positions.”
Summarizing the plight of women in the field, Chelly said, “It’s quite sad (today). We still have 11% of women in the field. In several years, the situation did not change; it did not evolve in terms of members.”
“Most of the leadership positions are male-dominated,” she said. “We do not see the diversity that we would like to have.
“The number gets worse as we talk about higher positions,” Chelly added. “We have a lot of women in low or medium positions in cyber security. They tend to stay in positions…and do not evolve in their careers. Many of the challenges are related to perceptions and presumptions. I think this main challenge is one of the things that anyone should work on – those unconscious biases. It’s not about only women, but about evolving in someone’s career,” Chelly said, after explaining negative stereotypes of cyber security like workload, hours, etc.
See Related: Incident Of The Week: Uber's Handling Of Pervasive Hack
The managing director of Responsible Cyber went on to discuss the industry’s biases, and how they form from an early age. She said the issue is indicative of a larger diversity problem.
“We need to understand the root causes of this,” she said. “Maybe try to actually see, and try to discover the potential of the kids. (We must) make sure that while a teenager, we take the time to raise their potential, discover their capabilities.”
In discussing possible institutional and societal changes that must be made to attract more women to cyber security, Chelly said, “We need to include people, no matter their gender, or anything else aside from skills and capabilities.”
She explained that in a corporate setting, there is an assumption that females present are salespeople. “This does not encourage inclusion,” Chelly suggested.
On the role of men in this transition, Chelly said, “When it comes to recruitment, it is very important to bring on the willingness, or the courage, to have more women on their teams. That comes from any team…but it needs to be said.”
“I’ve got to tell you, it’s tough,” Rettas added. “If I walk into a computer science class right now, there are very little women in there. Do we have to go deeper, go into high schools?”
“(We must) make sure that whenever we’re bringing role models to schools, we think of diversity, and different role models,” Chelly responded.
From a young age, Chelly said, students “need to understand that cyber security is not only hacking, not only codes, not only breaking into a computer, there’s more to it.”
“Kids are born in a digital, connected world. They shouldn’t be unfamiliar with this concept.”
To get women into senior-level positions, it “needs to be a top down approach,” she said. “(Employers must) encourage the evolution of the careers of all team members.”
To listen to this and past episodes of "Task Force 7" Radio, click here.
This comprehensive recap will be a weekly feature on CSHub.com.