Are Cybersecurity Jobs Boring?

Author: Gary Hibberd

Date: 25th June

 

If I had a pound for every time some saild to me that Cybersecurity is boring, I would probably be a very wealthy man!  Personally, I don’t understand how people can think Cybersecurity is boring, and when I’m asked if a job in Cybersecurity is boring I find myself giving an emphatic, “No… but it suffers from an image problem!”

 

Is Cybersecurity boring?

I’ll answer that question by asking if you know the plot lines for the last three James Bond movies, and his next? If not, let me enlignten you;

Quantum of Solace;

Bond on the trail of a world-renowned developer of green technology.

Skyfall;

An ex-MI6 agent steals a hard drive with top secret information to carry out an attack on Bond 

Spectre;

An evil organisation plans to launch a national surveillance network to mastermind criminal activities across the globe. 

No Time to Die

Recruited to rescue a kidnapped scientist, Bond finds himself hot on the trail of a mysterious villain, who’s armed with a dangerous new technology.

If Cybersecurity was boring, why was ‘Mr Robot’ one of the top ranking shows on Netflix for two years running? No Cybersecurity is not boring, but it does suffer from an image problem! And it’s this image problem we need to combat.

 

Is a job in Cybersecurity boring?

Of course I’m going to say no it’s not boring. But let me explain why I think it’s a great career and what it takes to be successful in this industry.

 

Passion for Learning

Firstly I would say that you WILL find Cybersecurity boring if you’re not at all interested in technology. If you have no interest in learning new things, and continually upgrading that knowledge then you will not enjoy being involved in this sector.

BUT.. If you’re the kind of person who is naturally inquisitive, loves puzzles, loves learning new things but also enjoys seeing where we’ve come from, then you might just be the kind of person who will be successful in Cybersecurity.

 

Access All Areas

If you want to be involved in Cybersecurity, you need to be a nosey/inquisitive person. No other profession gives you access to every area of a business; You will be given access to every department, every system, every role, because everyone has a part to play in Cybersecurity, and everyone has an impact on it.

No other job function does this. Not the accountant. Not the HR professional. Not the IT specialist. Not even the owner will have as broad a reach than the Cybersecurity specialist in an organisation. Your role is to find out all the’dirty little secrets’ hidden away in an organisation, so you will need skills in understanding human behaviour, and work on your emotional intelligence too.

I remember when I was just 21 years old, standing in front of a Board table with people three-times my age. They sat mouths wide open as I reported on the Risk Workshops I had conducted, and highlighted the threats and vulnerabilities (technical and operational) that existed in their business. I was privy to some of the most sensitive business ins-and-outs, and it was my job to help them see where the issues were, but then to offer practical tools to help fix the problems.

 

Not all heroes wear capes

When people ask me what I do, I playfully reply by saying “I’m saving the world, one business at a time!”  While this is said in jest, I truly believe this is true. Cybercrime is BIG business. Many Cybercriminals are now organised and highly sophisticated. They are using technology in the same way we are.

They are using AI to carryout widespread and sophisticated attacks. They are using IoT devices to carry out DDoS attacks. And they are increasingly using our lack of knowledge, but deeper reliance on technology against us.Gaps in our knowledge and our systems are a window of opportunity for Cybercriminals,

Since the COVID19 outbreak began, Cybercriminals have increased their attacks dramatically, with Action Fraud reporting an almost 500% increase in crime.

Those of us involved in Cybersecurity for any length of time will have seen the impact that NOT having good security can have. When an organisation suffers a data breach, through deliberate Cyberattack, or accidental, human error; real people suffer.

I have received calls from people who have lost their business due to a Cyberattack. The stress and damage this caused, resulted in relationships breaking down and a marriage failing. Families torn apart and all because someone, somewhere clicked an infected link in an email.

I have received calls from people, in tears, as they talk of their life savings having been stolen from their bank accounts, after falling to some social engineering attack.

As Cybersecurity professionals our job is to help build defences against Cyberattacks, and reduce the likelihood of human error. Our job is often to save businesses from themselves, because people don’t know what they don’t know.

 

Education Education Education

A Cybersecurity professional job is to help educate people, and that means we need to educate ourselves first. Over the years I’ve studied all of the following topics, in varying degrees of depth and intensity;

– Programming Languages

– PC Engineering

– Network Architecture

– Hacking techniques

– Information Security Standards and Frameworks

– Cryptography

– Data Privacy Laws

– Social Engineering

– Human Behaviour

– Behavioural Design

– Leadership

 – Psychology

– Criminology

– Artificial Intelligence & Machine Learning

– IoT Devices

These topics, interwoven into my career journey make Cybersecurity a fascinating journey not only into technology, but into the human condition. If you’ve ever wondered why Cybercriminals do the things they do, then studying these topics might just give you some of the answers.

Understanding these topics have helped mould me into a more rounded Cybersecurity professional, where I am able to leverage my knowledge into human behaviour to combat Cybercriminals, or provide training and awareness programmes for organisations.

 

Conclusion

The title of this blog asks an important question; Are Cybersecurity jobs boring? I don’t believe they are, and I hope I’ve made the case for it.  Now, I’m not saying that every day is a rollercoaster. But if you enjoy learning, and you enjoy going places, and doing things that very few get to do then it’s a lot more exciting than the majority of professions I could mention.

The best people involved in Cybersecurity are passionate about the topic, and about what they do. They have a very clear understanding of ‘why’ they want to get into Cybersecurity. Of course from the outset, anyone working in this field has been seen as a bit, well, ‘strange’!  To be fair, that’s still true to some extent! So feel free to call us weird, strange, geeks, or nerds, we don’t mind. Just don’t say that we’re boring!