Issue link: https://securitytechnologyexecutive.epubxp.com/i/956571
www. SecurityInfoWatch.com • Februar y/March 2018 • SECURIT Y TECHNOLOGY E XECUTIVE 59 What is Wrong with This Job, Anyway? I have been blessed in my long career in what is now known as cybersecurity. When I started in 1988, it was called CompuSec by the Depart- ment of Defense who needed a way to distin- guish computational security from communica - tions-based security (COMSEC) that primarily dealt solely with encryption for risk mitigation. Since then, I think I have held nearly every job in what has grown to be called, for better or worse, cybersecurity. I have mostly enjoyed every job, and every opportu- nity I had to learn as well as the time I made to teach the upcoming generation(s). What am I to make of our profession now were I to rely on the avalanche of articles, press releases, conferences, summits, social media accounts, and other sources of news? A recent trend, if you have been paying attention, are journalists and technology writers cranking out articles on a mere handful of reports about the state of cybersecurity employment statistics. One such study claimed this year, we'd see 1.2 million jobs unfilled. Not to be outdone, a ventures firm has now predicted a 3.5 million shortfall by 2021. In addition, they claim "cybercrime" damages to be US$6 trillion annually worldwide. How they arrived at all these eye-watering numbers remains a bit murky, but the conclusion is obviously meant to add to the FUD fac- tor (Google it if you must). Now, let's introduce another hot topic in the tech- nology and social media: burnout, stress, long hours, and job anxiety. Most of these reports are anecdotal, but the sheer numbers of blogs, posts, and write-ups seems to strike a resonant chord with many in our field. This phenomenon hit full-tilt hyperbole last week when a tech columnist wrote an article about – get this – cybersecurity PTSD, citing long-hours, challenging workloads, and job stress. I get that our profession can have its problems, but PTSD? Puh-leeze! That assertion caused me to run to the laptop and dash off an email to the author describing the horrifying psychological prob- lems still faced by my nephew who had three com- bat tours in Iraq. It turns out I wasn't the only one appalled, and the author received a mail-truck load of responses, none of them sympathetic to his arm- chair diagnosis. In fairness to the author, he eventu- ally retracted the article and rewrote it without the ridiculous comparison to PTSD. Here is what I am trying to piece together from all this. If our profession is in such high demand and pays so well, how do we seemingly have a huge swath of people for whom the job is a soul-crushing experi- ence? Hypothetically, couldn't they just pack up and take their skills a couple miles down the road to get an even bigger salary and better work-life balance? I don't know the real answer, as almost all the "facts" in these cases have been driven by online surveys and anecdotes, so it's difficult to make an academically-sound case for either. It will be inter- esting to watch the professional dynamics as 2018 unfolds. If the number of open positions is truly this significant, we should see a dramatic corresponding uptick in demand for education, training , and skills development for the incoming freshman team. If it's all stress, burnout, and anxiety, perhaps that won't be as noticeable. Time will tell. COOL AS McCUMBER By JOHN MCCUMBER John McCumber is a securit y and risk professional, and author of "Assessing and Managing Securit y Risk in IT Systems: A Struct ured Methodology," from A uerbach Publications. If you have a comment or question for him, e-mail Cool _ as _ McCumber@cygnusb2b.com. Request information: www.SecurityInfoWatch.com/10300750 APPLY www.securityspecifiers.com The Elliot A. Boxerbaum Memorial Award will be presented to a consulঞng or engineering company which designated and specified a completed security design project, accepted by the client in 2017 or the first quarter of 2018. The Award will recognize collaboraঞon, design excellence, uniqueness, creaঞvity, and administraঞon factors which contributed to a highly successful security project. Applicaঞons Due June 1, 2018 S EC U R I T Y D E S I G N P R OJ EC T O F T H E Y E A R the ELLIOT A. BOXERBAUM NOW ACCEPTING APPLICATIONS