An article on this subject in the Boston Globe caught my eye. It lists computer security specialists as one of five categories of recession-resistant careers, alongside teaching, energy/environmental services, food services and health services.
It’s certainly correct. Cyber security is hers to stay and set to grow much bigger. What the article doesn’t tell you is that the focus of demand is constantly shifting, most recently to the softer side, where experienced risk managers with good relationship management skills are in huge demand. Eventually the pendulum will swing back to demand more technical expertise.
Security is a huge umbrella covering a vast array of skills and knowledge. We have a long way to go to develop the career development plans to ensure that future security directors have the range of skills and experience needed to manage a multi-disciplinary team. The starting point is to appreciate the valuable contribution that each person makes. We will always need a mix of hard and soft skills to deliver effective security programmes.
Unfortunately the tendency is for many staff to jump on the bandwagon and rebrand their skills to suit the market demand. That’s a waste. We can’t and shouldn’t aim to turn our top technical experts into smooth risk managers. Instead we should find reward mechanisms that value all areas of expertise.