I am so goddamn tired of hearing how the poor corporations around the country cannot find “qualified” candidates in corporate security and so are forced to overwork their current employees who will no doubt soon quit from the stress of it all. Only 2/3 of the total positions are currently filled meaning there are 300,000 openings.
Here’s five reasons and one theory on why it’s happening:
- They can just overwork current employees and ruin their personal lives but when people have had enough they will just find another corpse-oration where there is less work and oncall.
- Management is counting on AI and automation to obviate need for more staffing in the long term but in the short term the morons are getting hacked to death. You cannot automate everything. Humans still need to look through logs and perform manual penetration testing, etc.
- Greed. As usual the cheap bastards are unwilling to train people who have the proper aptitude and can learn the technologies. Good training ain’t cheap but it’s cheaper than paying out 10 million in a ransom for a decryption key you may or may not even get back. Idiotic to the 100th degree!!!!!
- Lack of foresight….”Our stuff won’t get comprised!!!”. They go ahead and accept the risk of getting compromised. Of course when they lose that bet then they want to beef everything up too late. Everyone is going to get compromised at some point and most times it will be from the inside from disgruntled employees.
- HR incompetence. Most people in HR have no idea what these technologies are or what they do. You have to have technical HR that knows the fields and what to look for in candidates. You cannot have 10 years experience in something that has only been around 5 years!!!!!! WTF man!!!!!!!! The idea is to recruit smart people and then train them appropriately. There are NO full stack engineers out there in reality. They’re looking for gods for fucksake!!!!! If we were as picky as they are about hiring HR personnel they’d be standing in a welfare line right now….guaranteed.
Who the hell can know every damn thing??????? Give me a burger break!!!!
The Conspiracy Theory:
Corpse-orations may be greedy but they’re not stupid. They’re starving the cybersecurity workforce on purpose most likely. It’s so obvious that this is intentional. Why? Because if you work out an inside job with the hackers then whatever they steal you can split it with them 50/50 or whatever way is pre-negotiated. Yes people will allow their own companies to get hack to get more money……the same way people kill their relatives to get life insurance. When money becomes God there is no such thing as good anymore.