The Coming Barrier to Cybersecurity – Loss of Apostles, Evangelists, and Advocates
Odd to create a website primarily about cybersecurity to some extent writing early about its downfall. Let me explain what I expect and why I expect to offer services anyways. I believe that some extent, the great recent interest in cybersecurity has been driven by the anticipated growth in the job market for related specialists. This is to say, significant numbers of people were extremely committed: they pursued often expensive programs; dedicated maybe years of study; sought out multiple accreditations. They did so because employment from this field was expected to be robust. Much like investors in a “bubble market,” many poured in it seems roughly at the same time. This is the nature of how the mass-market works. There are these convergencies that occur to support the production process. In this case, the machine has been manufacturing cybersecurity graduates.
For me, it is reasonable to expect, on the absence of jobs in the field, a kind of “negative-effect” – perhaps similar to the initial excitement but in reverse. Because apart from being in cybersecurity, it is important to recognize the broader role of graduates in the promotion of their field. They felt that they had ownership over topics and articles pertaining to cybersecurity. They promoted themselves as authorities – or at least, trained individuals open to employment. The students and graduates themselves contributed to the excitement. There were also the educators, equipment and software manufacturers, anyone who could find a niche. Add to all of this the backdrop – the constant news of hackers successfully stealing data and physical goods, and of compromising networks. Perhaps, it is bad luck for this buoyant ephemera to hit broader moves by companies to reduce costs and automate processes as much as possible. Although threat actors remain a real force affecting companies, it is tempting to dismiss the industry’s rise as part of just another fad.
What has been missing for cybersecurity has also been absent for AI – a cohesive integration package providing operational norms for companies. It is necessary to “find a place” for cybersecurity – for example, beyond what is currently offered by IT. “You want us to hire J. Smith into this role? To do what exactly? Let’s say he came in tomorrow morning. What will he be doing – and how can we determine it has been done – and that the company has benefitted?” I expect cybersecurity to remain a relevant field for decades to come. As the industry navigates through the changing business landscape, it is worth noting that the graduates of today may not necessarily be those who eventually benefit. It is a depressing thought of course for those who have already made a commitment and are seeking jobs right now.
As the main proponents of cybersecurity drop off, I there will likely be a considerable level of rationalization in the field. The industry will question what jobs and skills are genuinely required by companies to deal with actual problems. The attacks will certainly continue. It is a success story for hackers, being able to eliminate the job prospects for the defenders of today. I suggest that timing is important – as is having diversified skills. When human resources screens for a candidate, the company might indeed be willing to bring in specialists – who can also do other things. It isn’t out of the question, for example, for a logistics manager to also have an in-depth understanding of cybersecurity – since threat actors are beginning to intercept shipments. This diversified body of individuals will likely be the true cybersecurity experts of tomorrow. They will be able to apply a cybersecurity lens to enhance their domain expertise.
It is possible that the jobs so many cybersecurity graduates dreamt of having might not genuinely exist in the future – despite a strong demand for individuals with related skills. I remember when studying human resources, an instructor mentioned that a company would likely need 200 to 400 employees before requiring a full-time human resources specialist. Well, somebody needs to handle the duties even with only 2 to 4 employees. Sorry, it is not going to be a full-time specialist covering the needs of 2 to 4 employees. A small company might have an office administrator handling payroll and human resources. It is certainly interesting being in a field influenced by what the public has so often seen in movies and television shows. But now it is time to talk about the actual jobs people will be doing.