Recession-resistant careers

An article on this subject in the Boston Globe caught my eye. It lists computer security specialists as one of five categories of recession-resistant careers, alongside teaching, energy/environmental services, food services and health services.

It’s certainly correct. Cyber security is hers to stay and set to grow much bigger. What the article doesn’t tell you is that the focus of demand is constantly shifting, most recently to the softer side, where experienced risk managers with good relationship management skills are in huge demand. Eventually the pendulum will swing back to demand more technical expertise.

Security is a huge umbrella covering a vast array of skills and knowledge. We have a long way to go to develop the career development plans to ensure that future security directors have the range of skills and experience needed to manage a multi-disciplinary team. The starting point is to appreciate the valuable contribution that each person makes. We will always need a mix of hard and soft skills to deliver effective security programmes. 

Unfortunately the tendency is for many staff to jump on the bandwagon and rebrand their skills to suit the market demand. That’s a waste. We can’t and shouldn’t aim to turn our top technical experts into smooth risk managers. Instead we should find reward mechanisms that value all areas of expertise.       

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Here here, on so many levels! Along with a huge sigh of relief ref. being "recession resistant" :) Andrea
The future of this career path is wholely dependent upon the professionalism of those within it. Anyone can call themselves a Security Analyst or Information Risk Consultant with little or no independent verification of skill, experience and most importantly competence and behaviours. For too long some parts of the information security community have been clubby and cozy with things done informally over a quiet chat, with risks being ignored as long as policy was followed to the letter. This must not continue, otherwise the profession faces the situation of losing it's credibility in the eyes of both IT and senior management. I feel we have a long way to go in order to increase our capability maturity.