Friday 23 March 2018

AWSN -amazing group of security professionals

Post by Guest writer Heide Young

Connecting
Supporting
Collaborating
Inspiring….

….these are the core values of AWSN and the standards of the members. That might sound a bit cheesy and like an opportunity to sell you on AWSN, but let me tell you my story…

A few years ago I started paying attention to news articles about how this company or that company was breached by hackers. It occurred to me that I am so dependant on technology, it’s pretty much attached to every aspect of my life and my home…even my home security is online and assessable from my mobile. And then it occurred to me that I have no idea how to keep all my and my family’s valuable information secure.

I wanted to learn how hackers hacked. My thought process was if I knew how they could ‘break in’ then I could secure it.

Now let’s back it up a minute…you should know I come from absolutely no technical background. Even my husband used to joke that I went from never backing up my tech gear to learning to hack haha ….so in my usual mindset to start with the end in mind, but I’m too impatient and tried to rush the process, which meant enrolling in CEH. I gave it a good go and it was eye opening all the tools and techs and how ‘easy’ it was to just download your hacking program of choice and voila off you go. Which scared the crap out of me even more!

I joined AWSN and started getting more involved in the Cyber Security community and was in awe of all the knowledge I was absorbing at every event and meetup. Now I have been to a ridiculous amount of full on technical, hacking, CTF meetups and I try, really try, but they are on another level. But everyone is so welcoming and excited by the challenge to explain it in layman terms for me J I feel like a kid learning new tricks at the playground every time I learn a little more on cyber security.

For me it’s all about learning to keep myself and my family secure and making it relatable to everyday life.

Now going back to me not being technical, my career has been relationship management and business development focused. I was fortunate enough to combine my career skills with my cyber security passion, taking on growing Greythorn recruitment’s cyber security capabilities. I was even more fortunate to have one-ups and two-ups who were the kind of people every professional dreams of reporting to.

I’m a full-time working mom, and I think it’s important to share that I didn’t experience discrimination till I became a mom. To be perfectly honest, I don’t think I fully understood the real meaning of feminism till I experienced discrimination. It was a very hard time and I cannot begin to explain how it affected my and my family’s life. Lucky for me I have an encouraging husband, who’s advice I finally listened to and left.

Since then, it has been my focus to assist others who are in difficult career situations by either advising or connecting them with other professional who can better advise.

AWSN membership base is incredibly diverse, both women and men, some parents, some not, experienced working professionals, and new grads. They span from technical to non-technical professions from entry level to CISO level. It is such an amazing way to connect with people.

For me, it has helped me personally and professionally by expanding my knowledge and growing my cyber security network. I have previously talked about from recruitment perspective women need a bit more encouragement and confidence to just go for it, even when don’t tick all the boxes – and I’m including myself in that statement. AWSN members have given me opportunities to have more confidence and just go for it, even when I didn’t have it in myself. I still remember a particular pep talk from a female member, and anytime I hesitate I remember her words of encouragement, empowering me to believe in myself and go for it. Because I listened to this wise woman and went for it, what it has done for my career has been phenomenal.

I recently relocated to Dubai, which was quite daunting at first, as I didn’t have many contacts here. However, as soon as I told AWSN members, nearly everyone had helpful advice and even referred me to people in their networks in Dubai as well as cyber security groups in the area. I was overwhelmed with the amount of support from AWSN members.

This wonderful amazing group of cyber security professionals is an incredible platform for empowering women through connecting, supporting, collaborating and inspiring. 


(c) AWSN 2018

Disclaimer: The views and opinions expressed in this article are those of the author/s and do not necessarily reflect the official policy or position of any agency, organisation or association.

Tuesday 20 March 2018

Happiness Day - 20 March

 

By Chief Editor and Blog Manager- Amanda-Jane Turner

The United Nations, via adviser Jayme Illien, founded the International Day of Happiness, also known as Happiness Day, when the UN resolution 66/281 was unanimously adopted. This day is celebrated on 20 March each year.

Pledging to create more happiness in the world aligns with the goals of the AWSN. By supporting, collaborating with, inspiring and connecting women working in security AWSN can help promote well-being and happiness in these individuals.



On this International Day of Happiness let's reflect on how we can promote kindness, fun and happiness in our own communities.



(c) AWSN 2018



Disclaimer: The views and opinions expressed in this article are those of the author/s and do not necessarily reflect the official policy or position of any agency, organisation or association.

Sunday 18 March 2018

Infosec for Beginners: Cracking the Linguistic Fortress - by guest writer Kristine Sihto

This article first appeared in the second newsletter of the Brisbane AWSN Chapter. 

Kristine Sihto has been writing intermittently over the past three decades. Most recently, she has found joy in technical writing for Alcorn Security Group. Kristine has plans to self-publish a book of poetry in 2018


Information security can be a hard nut to crack. Infosec professionals come from a wide range of disciplines, with a wide range of backgrounds, but the stories I hear most often are of people coming into Information Security purposefully, scaffolding their pathway through closely related fields. There are people wanting to break in, but can’t find that pathway. They don’t know the right people, they don’t have the foundation skills.
I’m very new to information security. Less than eighteen months, in fact. My current role is technical writer for a security assurance firm, but I came from a background of editing and compliance within vocational training. I hadn’t really worked in depth with IT, and the compliance work I had done really only scraped the surface of data protection.
There is so much to learn in Information Security that people such as myself, who sidestep into the sector from somewhere unrelated, may find it quite impenetrable. The jargon is so pervasive that the people working with information security concepts on a daily basis may not realise that they are no longer using common English. This creates an enormous linguistic barrier to entry, especially when we start talking about ‘the cybers’.
Coming into the sector with a high level of literacy didn’t help with this barrier. Many terms mean different things outside of information technology or cyber security; terms like ‘credentials’, ‘authorisation’, ‘malicious user’, and (as a verb) ‘middling’ (which, as many cricketers will attest to, is the practice of hitting the ball with the middle of the cricket bat). Military terms like ‘attack surface’ may require a fair amount of logic and critical thinking to determine what they might pertain to, and some, such as ‘red team’, are so obscure as to require explanation.
The jargon is made even more impenetrable by the widespread use of acronyms and initialisations, which have no linguistic transparency and require prior knowledge to understand. Put a bunch of them together, and the poor idiot on the other end (e.g. me) has no idea what’s going on!
All is not lost however.
It’s possible to upskill in a reasonably short amount of time, given enough motivation to the task at hand. There are resources available that are easy to access, targeted at giving a baseline understanding of information security concepts, and most importantly, free.
Futurelearn has a brilliant series of cyber security MOOCs (Massive Open Online Courses) that I found to be especially helpful. Introduction to Cyber Security; Cyber Security: Safety at Home, Online, in Life; Cyber Security for Small and Medium Enterprises: Identifying Threats and Preventing Attacks. The entry bar for these courses is very low. The content is presented in a way that’s accessible to a range of learners, such as people with disabilities or people with lower literacy levels, and it covers all of the basics.
There are also free-to-access glossaries available online, and these may be useful not only for informing people new to Infosec, but also people who are being informed by information security, such as C-level executives. I found the Threatsaurus to be particularly useful. Glossaries such as this can assist in bringing newcomers up to the level of jargon usage that everyone else is using.
And of course, one of the best ways to feel your way into a field is to immerse yourself in it. Make connections through Twitter and LinkedIn; follow infosec blogs and podcasts (I listen to Security Weekly); engage with industry events and meetups, such as through AISA or AWSN. Listen and read on a regular basis, and there suddenly comes a point where you start to understand the words and concepts.
I believe it took me a solid six months to get to the point where I was familiar enough with terminology to feel comfortable that I wasn’t going to confuse everyone around me. I still am not at the point where I can take Google out of the equation, but in a highly technical role such as mine, I expect that my relationship with search engines will be a long-lasting one.

(c) AWSN 2018

Disclaimer: The views and opinions expressed in this article are those of the author/s and do not necessarily reflect the official policy or position of any agency, organisation or association.

Friday 9 March 2018

ACSC Conference 2018

Registrations are open for the fourth Australian Cyber Security Centre Conference, in Canberra in April 2018. The conference brings some of the world's top cyber experts together on the theme of From Security to Resilience to address both cyber security practices and building a culture of resilience. 

Presentations and panel discussions cover:

  • cybercrime
  • cyber deterrence, attribution and foreign interference
  • defending the enterprise
  • protecting control systems and critical government services
  • technological disrupters
  • skills, education and the cyber workforce.


Delegates will also get access to great training opportunities and increased engagement with senior government officials and industry leaders – as well as the chance to give the ACSC your thoughts on the government's policy and approach to cyber security.

There will also be a great Women in Cyber Panel, chaired by Sandra Ragg, the Deputy National Cyber Security Adviser, and featuring: Maria Milosavljevic, NSW CISO; Elanor Huntington, Dean of Engineering and Computer Science, ANU; Stephanie Robertson from the NSA; and Mike Burgess, DG-designate of ASD — all of whom are doing presentations at the conference as well.

Don't miss out on a ticket! 
Early bird prices finish at close of business Friday 9 March 2018.


________________________________________________
If you are interested in writing a guest post for this blog please read the submission guidelines here >> AWSNblog-guest_post_guidelines <<
(c) AWSN 2018

Disclaimer: The views and opinions expressed in this article are those of the author/s and do not necessarily reflect the official policy or position of any agency, organisation or association.

Thursday 8 March 2018

International Women's Day - March 8 - #IWD2018

 

By Chief Editor and Blog Manager- Amanda-Jane Turner

March 8 is the United Nations Day for Women's Rights and Peace, also called International Women's Day. The theme for International Women's Day 2018 is leave no woman behind, together we can empower women across the globe.


UN Women is responsible for empowering women and promoting gender equality. They list their priority areas as:


  • Expanding women’s leadership and participation
  • Ending violence against women by enabling states to set up the mechanisms needed to formulate and enforce appropriate laws and services;
  • Enhancing women’s economic empowerment
  • Strengthening the implementation of the Women, Peace And Security agenda
  • Making gender equality priorities central to national, local and sectoral planning and budgeting.

We all have a role to play in empowering women across the world. Each day we can all be a role model for women - by encouraging and supporting each other and raising awareness of the various challenges women face be it in developing countries, in a white collar work place or in juggling maternity leave with a career.  We can mentor women and support them to gain leadership positions. We can empower them by helping them see the skills they have and the value they have in our lives and in the workplace.





(c) AWSN 2018

Disclaimer: The views and opinions expressed in this article are those of the author/s and do not necessarily reflect the official policy or position of any agency, organisation or association.

Sunday 4 March 2018

International Women's day - Empowerment principles - #IWD2018

March 8 is International Women's day, the theme this year is leave no woman behind. 


Supporting the empowerment of women, a joint initiative of UN Women and the UN Global Compact produced a set of principles called The Women’s Empowerment Principles (WEPs).


This is a theme that the AWSN is passionate about with its chapters throughout Australia providing support, mentorship and networking opportunities to encourage and empower women working in security fields.


(c) AWSN 2018

Disclaimer: The views and opinions expressed in this article are those of the author/s and do not necessarily reflect the official policy or position of any agency, organisation or association.

Saturday 3 March 2018

International Women's Day - Gender Pay Gap - #IWD2018

AWSN thanks Linda Shave for writing this insightful article.

 

By Chair at International Digital Information & Technology Advisory Council- Linda Shave

The 8th March represents International Women’s Day and this year’s theme is to press forward and progress gender parity.  It has been some 109 years since the first observance of a Woman's Day was held in New York on 28th February, 1909.  The purpose was to promote equal rights for women and women’s rights to vote.  The 2018 theme is ‘press for progress’.  This theme could be considered optimistic and positive. That is to say that some progress has been made in the past 109 years, however, more needs to be done.
Here we are in the 21st Century and according to the Australia’s gender pay gap statistics report (published by Workplace Gender Equality Agency, February 2018). Women earn on average $253.70 per week less than men. The Australian national gender pay gap is 15.3%.  Gender pay gaps are an internationally established measure of women’s position in the economy.
In this day and age, it seems inconceivable that women are still paid relatively less than men.  This gender pay gap has implications for a woman to support her family and save for her retirement.  There is no denying gender bias and gender inequality is still a big issue for women. 
There is a need to unite thought leaders and communities to press forward and continue to progress the need for gender parity.  Thought leaders who can be influential agents of change.  Engaging with communities and working with policymakers and business to address the root cause of gender pay gap and assist in developing initiatives and policies.  Initiatives and policies that harnesses the full potential of the female workforce, improves female economic empowerment and looks at closing the gender pay gap.
Please see this link for pay gap statistics.


(c) AWSN 2018

Disclaimer: The views and opinions expressed in this article are those of the author/s and do not necessarily reflect the official policy or position of any agency, organisation or association.

Friday 2 March 2018

International Women's Day - Leave no woman behind - #IWD2018 - Guest POst


 

Guest Post by AWSN Perth Chapter Lead- Cairo Malet

As International Women’s Day draws closer, I’ve been thinking a lot about the theme of “leave no woman behind” and how this plays out in my own life and career.

As everyone knows, Information Security as an industry is lacking in women – we make up only 10% of the workforce worldwide. But I like to think (and I may be biased here) that what we lack in numbers, we make up for in enthusiasm! The InfoSec women I have gotten to know over the past three years are not just working to get a foot in the door, they are jamming their feet down and holding that door open for other women to follow.

There are so many big and little ways I see this going on and it doesn’t always get recognised so I’m taking this chance to shout out some of the fantastic ways I see women supporting each other:

1. Strength in numbers.


One of the hardest things I found about breaking into the InfoSec industry was how intimidating networking events could be. Being a newbie is hard enough as is, but being the only woman in a room full of 100 men is like upping the difficulty to torment mode. Inviting other women along to networking events, making sure we all have a couple of familiar faces in the room and facilitating introductions goes a long way to making events more inclusive, particularly for younger women and students who are just trying to find their way.  


    2. Providing practical support

I’ve met a lot of people in InfoSec who are very encouraging – they will tell you you’re fantastic and can do anything you put your mind to. But a lot of women I know are taking that to a whole new level. They don’t just say “you should definitely talk at that conference!” They tell you to talk at the conference, then they help you rehearse your content, provide feedback and will turn up to the event to be a friendly face in the audience. That level of investment doesn’t just stroke the ego and make us think we can do anything, it develops our skills and confidence so we KNOW we can do anything!

    3. Sometimes, they just “get it”

Okay, this one might be a bit knaff but being a woman in a male-dominated industry can be maddening sometimes. And don’t get me wrong, I know a lot of supportive men who are totally on board with my feminist ranting. But, let’s face it, a lot of the barriers women face can be invisible to those who don’t experience them directly. Sometimes, after a long day of having your expertise questioned or your physical appearance remarked upon, it can be a real relief to share that experience with a female colleague and not have to explain why it was so frustrating. They really do just get it because they have been there, done that, bought the t-shirt – and that t-shirt probably didn’t fit because the sizes were “unisex” and we all know that actually means it’s made for men. That unspoken understanding is so, so valuable when it comes to sticking with the work we love, despite the hardships it may bring.

These, and so many other amazing ways I see women supporting each other, are one of the reasons I’m absolutely overjoyed to be not just an AWSN member but also one of the Chapter Leads for the Perth group. So bring on International Women’s Day and let’s aim to not just stop leaving women behind, but to bring the girls right up to the front too.


________________________________________________
If you are interested in writing a guest post for this blog please read the submission guidelines here >> AWSNblog-guest_post_guidelines <<
(c) AWSN 2018

Disclaimer: The views and opinions expressed in this article are those of the author/s and do not necessarily reflect the official policy or position of any agency, organisation or association.

Thursday 1 March 2018

International Women's Day - Sustainable Goals -#IWD2018

 International Women's Day is celebrated on 8 March

March 8 is the United Nations Day for Women's Rights and Peace, also called International Women's Day. The theme for International Women's Day 2018 is leave no woman behind, together we can empower women across the globe.


The United Nations  encourages us to use #IWD2018 to reflect on achievements over the years for women and work on how we can empower women across the world. History about the day can be find from this link UN History of International Women's Day.

The UN shares there agenda to be achievable by 2030:

  •  All girls and boys complete free, equitable and quality primary and secondary education leading to relevant and Goal-4 effective learning outcomes.
  • All girls and boys have access to quality early childhood development, care and preprimary education so that they are ready for primary education.
  • End all forms of discrimination against all women and girls everywhere.
  • Eliminate all forms of violence against all women and girls in the public and private spheres, including trafficking and sexual and other types of exploitation.
  • Eliminate all harmful practices, such as child, early and forced marriage and female genital mutilation.




(c) AWSN 2018

Disclaimer: The views and opinions expressed in this article are those of the author/s and do not necessarily reflect the official policy or position of any agency, organisation or association.

International Women's Day - empowering women - #IWD2018

March 8 is the United Nations Day for Women's Rights and Peace, also called International Women's Day.

The theme for International Women's Day 2018 is leave no woman behind, together we can empower women across the globe.

This is a theme that the AWSN wholeheartedly agrees with and is proud to share that message.





(c) AWSN 2018

Disclaimer: The views and opinions expressed in this article are those of the author/s and do not necessarily reflect the official policy or position of any agency, organisation or association.