Women in Security: Building a Female InfoSec Community in Korea, Japan, and Taiwan

Presented at Black Hat USA 2019, Aug. 8, 2019, 11 a.m. (50 minutes).

The information security industry has historically been a male-dominated field, and today, unfortunately, this situation has not changed much. Indeed, the survey conducted by Frost & Sullivan in 2017 concluded that women represented only 11% of the current information security workforce. While more women are expected to join the information security industry to reach new levels of innovation, still, it is difficult to increase their number because women face many obstacles, such as stereotype bias. One way to bridge this gap is a female community, which can support and motivate women, and produce more role models. In this talk, we will introduce three representative Asian female communities, Power of XX, CTF for GIRLS, and HITCON GIRLS, which are established in Korea, Japan, and Taiwan, respectively. We will first explain how we build and maintain each female community, and then go into the details of how we tackled various challenges, such as building a sustainable community and attracting and retaining new members. Moreover, a comparison of these three communities reveals some of the crucial factors in starting and continuing a female community. One of the examples is that each community started by a few tech-savvy women with the support of an existing local community, such as POC, SECCON, and HITCON. Another example is that all the community members are connected by their interests in technology, such as binary analysis, web exploitation, and playing CTF, and they teach the related topics to each other interactively. We believe that our insights could help start a new female community and encourage other existing female communities.

Presenters:

  • Asuka Nakajima - Security Researcher, CTF for GIRLS / NTT Secure Platform Laboratories
    Asuka Nakajima is a researcher at the NTT Secure Platform Laboratories. She studied at the Faculty of Environment and Information Studies at the Keio University. Her research interests include reverse engineering, vulnerability discovery, and IoT security. Since 2014, she has been a member of the executive committee of SECCON (SECurity CONtest, the largest CTF organizer in Japan). She is also a founder of "CTF for GIRLS", the first security community for women in Japan. She has presented at various security conferences and events, including PHDays and AIS3(Advanced Information Security Summer School in Taiwan). Asuka also serves as a Regional Review Board member for Black Hat Asia, and is an author of the best seller book called "Cyber Attack" in Japan. (Bluebacks, 2018)
  • Suhee Kang - Security Researcher, Power of XX / POCSEC
    Suhee Kang is working at a cyber security company in South Korea as a researcher. She is not only one of the female hackers in Korea, but also the organizer of the POC, Zer0Con and MOSEC international hacking conferences. In addition, she is the founder of a hacking contest called 'Power of XX' ctf to cultivate female hackers.
  • Hazel Yen - Security Engineer, HITCON GIRLS / DEVCORE
    Hsun Yen, also as known as Hazel Yen, is a security engineer in DEVCORE. She focus on web application security and malware analysis now. She is also the coordinator of Hack in Taiwan Conference in 2018 (HITCON CMT 2018) and co-Founder of HITCON GIRLS which is the first security community for women in Taiwan.

Links:

Similar Presentations: