COVID-19 has transformed work, but cybersecurity isn’t keeping pace, report finds

Read the Story

Show Top Comments

More like “funding for cybersecurity measures” hasn’t kept pace. Insurance is still cheaper, for now. That is changing though


cyber security in the US is being undermined by capitalist ideals. for example, i have a friend who works as a soc analyst for a startup security company. they analysts are in another country. he’s the only state side analyst and makes less than 80k and no equity. it’s one of those “were a start up but we’re really a sister company of a much larger and established unrelated industry”. so the overseas team has constant turn over and no ability to train. it’s handled by stateside employees which means undertrained analysts are monitoring crucial business backbones.


All of the “work from home is the new normal” people likely have zero cybersecurity training.


When does it ever?


Cybersecurity, as in the huge pool of trained and well-seasoned talent, has absolutely kept pace, I’d like to point out. I know headlines need to be snappy and brief, but seriously, fuck this headline. The subhead is much more honest about all this: >…overwhelmed and unable to move forward, security teams are getting pushback from leadership and simply can’t catch up to necessary post-pandemic modernization. What hasn’t kept pace with the threat level and the exposure everywhere has now, is, frankly, business leaders…and fuck them. Fuck them all, every one of them, because the reason they’re not bothering is they have absolutely no motivation to secure their shit properly. It’s way too cheap to not take it seriously, because if there’s some huge brand-destroying (or even life threatening) outcome, the folks making the big decisions will never be hurt. They’ll never be in any danger, and they won’t even lose their livelihoods. Just look around you at the massive infosec failures recently…do you know the name of even a single executive involved? The people are out there, the tools are out there, the hazards are real, but look…the people in charge of things just don’t fucking care. They *know* the risks, and they’re taking them, every day. They’ll hire the right people, but not enough of them. They’ll give them a little power within their enterprise, but not enough. They’ll pretend to budget for implementing things the right way, but they’ll screw anyone they can over at the last second to shave a little time and pump a little extra money out of launching, literally, anything a bit earlier (even something that could cost human lives). If anyone feels I’m totally mischaracterizing the situation, I dunno man…I’ve worked a lot of jobs in some varied places. I’d have to see some pretty serious evidence to the contrary, because I believe that any government, educational institution, corporation, or even non-profit where what I’m saying *isn’t* the reality the majority of the time, those aren’t the examples that define the status quo these days, those are extremely rare outliers.