Really SANS? Reading room paper “Women in IT Security Project Management”
Posted by SecBarbie on Wednesday Dec 2, 2009 Under Women in Security, securityThere is a paper in the SANS Reading Room titled “Women in IT Security Project Management” by Gurdeep Kaur that I came across this morning thanks to a friend of mine. After reading this paper it is clear why I get together with some of the most wonderful women in security to do the gender panels. This piece is actually written by a women, which is surprising as some of the rhetoric could likely be found in a piece from the late 1960′s when gender equality in the workforce in the United States was just in its fetal state.
The paper is written in such a way that the author questions if women possess the critical leadership skills to be successful in IT Security and Project Management, she brushes upon the decline of women entering the IT field, then the paper just gets all kinds of messy! She speaks to ‘Building a strong foundation’ and encouraging girls to stay engaged in the Science, Technology, Engineering, and Math. YET, she then digresses into a generalization about parents influence in their children’s behavior. WOW! Really? My parents bought me my first computer when I was 7, I have a friend who’s parents were government intelligence and she played with crypto when she was young. Both my friend and I were cheerleaders but somehow managed to still love science and math despite this author’s claim that during puberty that we would need additional encouragement. I call hogwash! This is where the paper just starts to spin down and where it becomes easily identifiable that the author is not using as much data to create a fair representation, but rather to justify her position and behavior.
I would like to formally invite the author to be part of our panel in March at BSidesSF during RSA Conference if she would like to defend her points, especially those in the 3 section of her paper. You all will just have to read it to understand that I don’t have enough time to pick apart all that I disagree with.
I am absolutely confused as to why SANS would actually post this to the reading room, this type of rhetoric belongs only in blogs.
Most asinine quote from the paper: “It’s important to prove expertise with an industry certification.”
December 2nd, 2009 at 4:18 pm
I was hanging with the article in the beginning until section 3.0 when it veered into hormone and puberty land. According to the article “Due to biological changes at puberty, girls may require additional support and motivation to help concentrate in math and science courses” RIGHT, because men are so focused on math and science while their hormones are raging…
January 5th, 2010 at 12:23 pm
Just ran across this post now. I read the paper with great interest when it was first posted, and my own thoughts were the same as yours – this should never have been accepted for publication, much less as an article for a Gold certification. You didn’t mention it, but it also appears that the advisor of the author was female. I have frankly not been terribly impressed with the quality of the non-technical papers published in the Reading Room, so much so that I don’t even bother reading them any more.
January 24th, 2010 at 12:37 pm
I remember when this first came up, I expected I would hear chatter on this one, so I set a Google Alert for the title of the paper. All I can say is that it is well researched so the author supports her assertion.
MikeP, I agree that the non-technical papers were starting to range from bad to worse. I think we will start to turn that around. As I have explained to my fellow advisors, management != stupid. We now have a system called rubrics and this gives us a framework to require them to improve. Sadly, they are still mostly papers I would grade as a “C”. However, Johannes is working on videos with tips for researching and writing better papers, so I hope we can earn your attention for the management papers posted over the next six months.
January 25th, 2010 at 7:23 am
[...] Thank you all for the response, but I want to clarify two points that I’m not sure I communicated well in the original post. [...]