All IT Jobs Are Cybersecurity Jobs Now

https://www.linkedin.com/pulse/all-jobs-cybersecurity-now-james-a-davis

Move to cybersecurity or move to cloud. Or do both.

Find more posts tagged with

Comments

boxerboy1168

Might change my WGU program to Cyber security from IT Security...

TechGromit

The way I see it, companies need to stop Nickel and Diming there IT department. Pretty much every company I worked for with the exception of where work now ran there IT department on a dime budget. Running outdated computers and operating systems because they were too cheap to upgrade an application that didn't support the latest version of an OS. Lax patching policies, I remember a corporation that owned several casinos I worked for in the early 2000's got hit with malware that pretty much crippled almost all the PC's, while casino property I worked at did have some infections due to PC not being fully updated, it was no where near what one of the properties had, they pulled all the IT staff from other casinos to remove malware and patch hundreds of the computers. A lot of these computers I personally patched literally took hundreds of patches, they were that outdated. Almost no budget for training personnel, a company I worked at for 15 years paid for only two IT courses the entire time I was there. There low pay didn't exactly attract talent either. When I started out at the casino in IT at Bally's Grand, people were earning more money on the casino floor selling change, not to mention they were getting tips too. IT shouldn't be an after thought, if we have extra money maybe we'll upgrade some PC's or buy a new server. I recall the last year I worked at Bally's Grand (it was called the Atlantic City Hilton by then, now bankrupt) I was asked to help come up with a budget to replace outdated PC's and Printers, I came up with what I thought were some very lean numbers for the 500 computers and 50 printers we had and was told by upper management pick you worst 10 computers to replace. I ended up leaving a few months after that, having seen the writing on the wall.

MontagueVandervort

TechGromit wrote:

Pretty much every company I worked for with the exception of where work now ran there IT department on a dime budget. Running outdated computers and operating systems because they were too cheap to upgrade an application that didn't support the latest version of an OS. Lax patching policies

This is all I've seen so far. Granted, I haven't had many jobs yet (only 3 and then that's even debatable), but it's always an extreme lack of funds and a laziness/blase attitude towards security. It's "good" to see things starting to change but, but I think the result of all of this is just going to be more people with lower qualifications, understanding, and experience working on these issues.

I'm not sure where I stand yet in terms of ... is it better to have more people working on the issue who have lower skills or less people working on the issue who have higher skills.

At least this may solve one problem, and that is companies are starting to take security more seriously which means over time it "should" become a more expected idea to alott more money in this direction.

ITSec14

TechGromit wrote: »

The way I see it, companies need to stop Nickel and Diming there IT department. Pretty much every company I worked for with the exception of where work now ran there IT department on a dime budget. Running outdated computers and operating systems because they were too cheap to upgrade an application that didn't support the latest version of an OS. Lax patching policies, I remember a corporation that owned several casinos I worked for in the early 2000's got hit with malware that pretty much crippled almost all the PC's, while casino property I worked at did have some infections due to PC not being fully updated, it was no where near what one of the properties had, they pulled all the IT staff from other casinos to remove malware and patch hundreds of the computers. A lot of these computers I personally patched literally took hundreds of patches, they were that outdated. Almost no budget for training personnel, a company I worked at for 15 years paid for only two IT courses the entire time I was there. There low pay didn't exactly attract talent either. When I started out at the casino in IT at Bally's Grand, people were earning more money on the casino floor selling change, not to mention they were getting tips too. IT shouldn't be an after thought, if we have extra money maybe we'll upgrade some PC's or buy a new server. I recall the last year I worked at Bally's Grand (it was called the Atlantic City Hilton by then, now bankrupt) I was asked to help come up with a budget to replace outdated PC's and Printers, I came up with what I thought were some very lean numbers for the 500 computers and 50 printers we had and was told by upper management pick you worst 10 computers to replace. I ended up leaving a few months after that, having seen the writing on the wall.

That's pretty bad...oh well, all it takes is one breach for them to get their priorities straight. I was reading about proposed legislature that would ultimately hold a companies management and board of directors personally responsible for any data breaches. I think that's fair, too! It's ridiculous how IT dept's and especially security get low budgets and are expected to keep the operations going. If something happens, we get the blame. IT's role is to support the business and to do that, it needs a reasonable budget.

ITSec14

MontagueVandervort wrote: »

This is all I've seen so far. Granted, I haven't had many jobs yet (only 3 and then that's even debatable), but it's always an extreme lack of funds and a laziness/blase attitude towards security. It's "good" to see things starting to change but, but I think the result of all of this is just going to be more people with lower qualifications, understanding, and experience working on these issues.

I'm not sure where I stand yet in terms of ... is it better to have more people working on the issue who have lower skills or less people working on the issue who have higher skills.

At least this may solve one problem, and that is companies are starting to take security more seriously which means over time it "should" become a more expected idea to alott more money in this direction.

Skills are definitely an important factor in this field, but security professionals also need to have an understanding of the business, which many do not. IT is responsible for supporting the business, nothing more and nothing less. Many people from outside security and IT for that matter are making their way into cyber roles, because they understand how the business functions and can provide much needed insight to prevent attacks.

The modern/future cyber warrior will need to be well rounded in several disciplines to be successful.

UnixGuy

Growth areas (and it's no secret):
- Cyber Security (both technical and non technical GRC/Risk)
- Cloud (with focus on automation, architecture).
- Big data analysis (R, hadoop, ..etc).

There will come a time when servers automatically get spun on demand, run tasks, and get destroyed. Re-imagining is automated. Fewer opportunities will be there but become the automation god who does that and you will have opportunities. Cling to the old ways of managing servers and your job MIGHT disappear.

Programming is still in demand so being a developer is good.

Whatever you do in IT, add some of those skills too: Business knowledge/acumen, sales, people skills, customer facing, diplomatic negotiation.