生物多样性 分类器多样性_网络安全多样性问题使我们所有人面临风险

生物多样性 分类器多样性

By Frederick “Flee” Lee

弗雷德里克·李(Flee)Lee

I’m from rural Mississippi. Both of my parents grew up on farms, and I spent summers mowing lawns for my mom’s church friends. We didn’t have a computer at home. Lawyers and judges like Thurgood Marshall, doctors and ministers, and my father — a manufacturing engineer — were the role models I looked up to in the South.

我来自密西西比州农村。 我的父母都是在农场长大的，夏天我为妈妈的教堂朋友割草。 我们家里没有电脑。 我在南方仰慕的榜样是像瑟古德·马歇尔(Thurgood Marshall)这样的律师和法官，医生和传道人以及我的父亲(一名制造工程师)。

There was no glamour in the idea of being a computer programmer. The emerging field of high tech was something I was aware of, but a career in cybersecurity wasn’t even on my radar. And, even if it had been, for me as a black kid there was no one in cybersecurity who looked like me that I could have used as a role model. If it wasn’t for one particularly impactful moment, I likely wouldn’t have known that the career I have now was even an option.

成为计算机程序员的想法没有魅力。 我知道了新兴的高科技领域，但是我什至没有涉足网络安全领域。 而且，即使是这样，对我来说，作为一个黑人孩子，网络安全中也没有人像我一样可以用作榜样。 如果不是在某个特别具有影响力的时刻，我可能不会知道我现在的职业甚至是一个选择。

When I was in middle school, my parents took me on a weekly trip to the bookstore. On this particular visit, I found the magazine 2600: The Hacker Quarterly. I read a story about John Lee, aka “John Threat.” In the early 90s, he went by the alias “Corrupt” and was part of the hacker group Masters of Deception. I had no idea what a hacker was, let alone that there were black hackers out there. It immediately sparked something in me.

当我上初中时，我的父母每周带我去书店。 在这次特殊访问中，我发现了2600杂志：The Hacker Quarterly 。 我读了一个有关约翰·李(John Lee)的故事。 在90年代初，他以别名“ Corrupt”(腐败)去世，是黑客组织Master of Deception(欺骗大师)的一部分。 我不知道黑客是什么，更不用说那里有黑黑客了。 它立即在我体内激发出一些东西。

I wanted to learn everything I could about computers and cybersecurity. I had a sense that it could open up the world for me. So, I started reading everything I could get my hands on and taught myself how to code, which led me to a math and science magnet school. My career in technology would not have been possible without the early access to the internet I had at that school. I went on to hold senior security roles at Twilio, Bank of America, and Square before my current role as the chief security officer at Gusto.

我想学习有关计算机和网络安全的一切知识。 我觉得它可以为我打开世界。 因此，我开始阅读所有可以动手的东西，并自学了如何编码，这使我进入了一个数学和科学领域的学校。 如果不尽早访问那所学校的互联网，我的技术事业就不可能实现。 在担任Gusto首席安全官之前，我继续在Twilio，美国银行和Square担任高级安全职务。

Knowing John Threat existed ignited my interest in cybersecurity. Granted, he is not a perfect role model and certainly has a complicated legacy. The federal government indicted him for wiretapping in 1992. But he was the only hacker role model I identified with. Besides, what could be more enthralling to a young boy than something called the Great Hacker War?

了解John Threat的存在激发了我对网络安全的兴趣。 当然，他不是一个完美的榜样，并且肯定拥有复杂的遗产。 联邦政府于1992年起诉他进行窃听 。 但是他是我唯一认同的黑客榜样。 此外，还有什么比“大黑客大战”更能吸引一个小男孩？

It’s hard to overstate the importance of representation, especially when it comes to teaching children that they have the potential to achieve far beyond their everyday realm. Unfortunately, we’re still very far away from a diverse cybersecurity industry. There still aren’t many role models out there for women and people of color.

很难夸大表示法的重要性，尤其是在教导孩子们他们有潜力取得超越日常境界的能力时。 不幸的是，我们离多元化的网络安全行业还很远。 对于女性和有色人种，仍然没有很多榜样。

People who identify as racial or ethnic minorities make up only 26% of the cybersecurity industry. What’s more, they tend to be concentrated in nonmanagement positions, with few people of color in leadership despite high rates of education. Meanwhile, women make up only 11% of cybersecurity professionals, and more than half report they have experienced discrimination while in those roles.

被确定为种族或少数民族的人仅占网络安全行业的26％ 。 更重要的是，他们往往集中于非管理职位，尽管受过高等教育，但很少有有色人担任领导职务。 同时，女性仅占网络安全专业人员的11％ ，并且超过一半的女性表示，在担任这些职位时，她们遭受了歧视。

冒险走动 (Risking Trillions)

Cybersecurity’s diversity problem has severe and widespread implications. It puts every business and person who uses the internet at risk. Bank accounts, social media platforms, and corporate networks are being protected by a group of people who look the same, think the same, and were educated in the same way. There will be blind spots — and blind spots mean vulnerability.

网络安全的多样性问题具有严重而广泛的影响。 这使使用互联网的每个企业和个人都面临风险。 银行帐户，社交媒体平台和公司网络受到一群看起来相同，想法相同并且接受过相同教育方式的人们的保护。 会有盲点-盲点意味着脆弱。

Human error and social engineering scams cause the majority of security breaches that occur today. These attacks use techniques such as phishing emails to manipulate human behavior and trick users into revealing sensitive data or account access. In order to prevent these attacks, the security industry needs to understand the psychology and behavior of all users, not just those from a single background.

人为错误和社会工程骗局是当今大多数安全漏洞。 这些攻击使用网络钓鱼电子邮件之类的技术来操纵人的行为，并诱使用户泄露敏感数据或访问帐户。 为了防止这些攻击，安全行业需要了解所有用户的心理和行为，而不仅仅是来自单一背景的用户。

Cybercrime is projected to cost $6 trillion in damages worldwide by 2021, which is double that of 2015. Malicious actors (the “bad” hackers) are constantly trying to get two steps ahead of those who are trying to stop them. Why give them one more advantage?

预计到2021年，网络犯罪将在全球造成6万亿美元的损失，是2015年的两倍。恶意行为者(“不良”黑客)一直在努力阻止那些试图阻止它们的人走两步。 为什么还要给他们一个优势？

建立更具包容性的行业 (Building a More Inclusive Industry)

To build a more diverse industry, we need to build a more inclusive culture that welcomes people from all backgrounds, including nontraditional backgrounds, who don’t necessarily have degrees from a small handful of elite institutions. That starts by changing the stereotype of the cybersecurity pro. When I worked at a startup early in my career, a manager told me to my face that I didn’t “look like security,” despite a résumé and a computer engineering degree that said otherwise. This attitude has no place in the industry and needs to change.

为了建立一个更加多元化的行业，我们需要建立一种更具包容性的文化，以欢迎来自各种背景(包括非传统背景)的人们，这些人不一定要拥有少数精英机构的学位。 首先要改变网络安全专家的刻板印象。 当我在职业生涯的早期阶段在一家初创公司工作时，一位经理告诉我，尽管简历和计算机工程学位相反，但我“看起来并不像安全性”。 这种态度在行业中没有地位，需要改变。

What’s more, many cybersecurity professionals adopt the mystique of the elite hacker, which can make it seem like a standoffish clique. I understand the appeal of the hacker persona — who doesn’t want to be seen as the coolest person in the room? But it’s not serving us. Elitism creates barriers to entry and intimidates people from pursuing cybersecurity roles, especially if they don’t have role models to look up to.

而且，许多网络安全专业人员都采用了精英黑客的神秘性，这可能使它看起来像是一种僵持的集团。 我了解黑客角色的吸引力-谁不想被视为会议室中最酷的人？ 但这没有为我们服务。 Elitism为进入市场设置了障碍，并威胁人们追求网络安全角色，尤其是如果他们没有榜样值得追究的时候。

Until there are more women and people of color represented in the industry, it’s up to all cybersecurity professionals to serve as role models. That means being the most approachable person in the room, not the coolest. We need to encourage everyone to participate in cybersecurity, instead of hiding behind our hoodies.

在该行业中有更多女性和有色人种代表之前，所有网络安全专业人员都必须充当榜样。 这意味着要成为房间中最平易近人的人，而不是最酷的人。 我们需要鼓励所有人参与网络安全，而不是躲在我们的帽衫后面。

Fredrick “Flee” Lee is the chief security officer of Gusto.

Fredrick“ Flee” Lee是 Gusto 的首席安全官 。

翻译自: https://medium.com/fast-company/cybersecuritys-diversity-problem-puts-us-all-at-risk-998c032b26e0

生物多样性 分类器多样性