"Lack of talents in cybersecurity", it was a title on one of the miriard articles and posts about current sorry state of security in IT. So at the moment there is shortage of people, in that branch but what are actually expertise, skills and capabilities, what problems have to be solved by this people and why they are called talents and most important why there is shortage ?
I don't think it was much reaserached but more seen as golden opportunity. Educational / training industry is mass producing certified experts, recruiters are recruting, experts are "experting" all around but somehow only one gaining results are attackers.
Actually there was one research here, recently among employers about IT sec. profession and IT security general, it turns out that virtually no employer see a need for such expertise or knowledge in next 10 years period.
Lets get back from local peculiarities to big picture.So there is a shortage of cybersecurity experts, without actually providing a definition what is a "cybersecuirty talent", it's a bit fishy isn't it ?
And most of it how this new branch of experts will fit into existing systems ?
I should say it is a big failure of academic education and professional trainign since a huge amount of IT professionals are stamped out each year and somehow all this professionals are missing security awareness and skills. It simply sounds silly if someone will hire programmer who does not know to write safe and reliable code but looks like this is a standard practice Same for the syadmins or any other role in the big picture. What I like to stress is ability to provide secure and reliable IT products and services, not to produce and use new branch of epxerts, It is like a game of adding people to project which is late, it will only slow it down and make things worse.
You don't need to be rocket scientist or cybersecurity talent to know that if you enterprise is running on windows infrastructure you are in trouble. It is actually fixing a problem from inside of system, not from top with blessed talents. There is gaziolion of vendors, tools companies, almost miracle makers and not much more security and reliability. It is fun watching all this but somehow I'm expecting to see cyberplaque (I can't resist to user Cy-word again) like old black death plaque with real deaths before something change ...
