Ada Lovelace Day seems an appropriate time to publish this review.
The domains of science, technology, engineering and mathematics (STEM) have often been difficult environments for women. And while great strides have been made in realising the previously untapped potential that this half of the population has to offer, one section of this realm largely seems to remain a pointlessly male preserve.
If you look at lists of speakers at hacking and information security conferences, you’ll struggle to find female names. The gung ho, pseudo-machismo that infects much of the information technology community would be almost comical (coming as it does from people who pretty much define the term ‘nerd’), except that it creates such a hostile environment for women. And that’s a tragic waste of talent, not least given the current shortage of people with infosec skills.
I can’t confirm from personal experience whether the infosecurity world is any less misogynist than other areas of technology – such as gaming, with its notorious ‘Gamergate‘ controversy. One would hope that a professional area such as ethical hacking might be less prone to the adolescent prejudices that infest computer gaming. But I wouldn’t bet on it.
Indeed, just try hanging out in the 2600 magazine Facebook group for a while. Any mention of women – especially female hackers – is guaranteed to provoke a stream of comments that range from the tediously immature to the dangerously hostile. It certainly doesn’t encourage participation by women. Of course, the people who inhabit this particularly dark cave are most hacker wannabes and ‘leet’ fantasists, so the lack of intelligence and maturity isn’t altogether surprising. And it’s not representative of professional ethical hackers and other security practitioners. But such forums are where the pen-testers and security researchers of the future should be learning their trade and finding support.
Young women who desire a career in infosecurity will have to look elsewhere.
As the title denotes, this book covers the whole range of STEM subjects, so it’s not specific to infosecurity. But the issues, and the solutions, are equally applicable. According to the book’s website: “This updated edition contains new and essential chapters on leadership and negotiation and important coverage of career management, networking, social media, communication skills, and more. With an increased focus on international relevance, this comprehensive text contains shared stories and vignettes that will help women pursuing or involved in STEM careers develop the necessary professional and personal skills to overcome obstacles to advancement.”
Given that there are currently too few women in these domains, finding a mentor who genuinely understands the hurdles a woman will face is difficult. This book aims to be that mentor. It goes well beyond simple encouragement – the book’s 500-plus pages contain a wealth of practical methodologies and proven strategies.
Organisations are being breached every day, and one factor contributing to this is a shortage of people with the right skills. Purely on a practical level, we need women to fully participate in this industry. But a better reason is that, morally and ethically, it’s simply the right thing to do. This book will undoubtedly help.
For more information, go to the book’s home page here.