Here at Beaty Consultancy, we love talking about new technology, and helping you to understand it too. If you’re Into technology as much as we are, you probably think a lot of this stuff is pretty cool. We do, and we’re cool. I know that because my Mum told me.
But security isn’t cool is it? It’s something we add on afterwards because we have to. Let’s talk about what security isn’t sexy.
Why Security Is Important To Talk About
Obviously we’re trying to grab attention with the title “security isn’t sexy”, but it’s an interesting thought.
Where do you think all the best developers and technicians work? What kinds of technologies do you think they work with? I’ll tell you – they’re working for companies on the cutting edge of tech, and they’re using the latest and greatest platforms.
It makes sense when you put everything in context. If we compare a developer to a motor mechanic, we can demonstrate the point. A mechanic might dream of working for a prestige manufacturer, in a formula 1 pit crew, or maybe travelling the world with a rally team. They probably aren’t dreaming of working for a tyre and exhaust workshop – although those folks are super talented too.
And so it makes sense that all the best developers and ops technicians are probably doing a similar thing with their career. They’re working for the big Silicon Valley companies on artificial intelligence, machine learning and quantum computing. Those jobs sell themselves! And in this age of remote working, the talent base from which those companies can recruit is huge.
What can we do?
So how do we make security that bit sexier? How do we make these jobs attractive to the new wave of millennials ready to enter the high tech workforce?
We said at the beginning of this piece that security is something we do at the end of a project because we have to. If you were shouting at us as you read that, 10 house points.
Security specialists are just like developers in their ambitions and drive to be part of something revolutionary, so let’s include them in the revolution! Let’s get the security folks working with the developers and designers. Give them a seat at the table and have a listen to what they have to say.
You can’t have failed to seek the term DevOps. DevOps is the idea that development and operations tasks can be thought of together, and everyone can have an input into either side. Everyone contributes to the conversation about a product as a whole, and everyone’s opinion is valid.
So if we extend that to DevSecOps, it’s easy to see that we’re involving security specialists in with the developers and operations folks. But more than that, everyone else gets a say on the security aspects of projects and platforms too. In this way, we get new perspectives and new talent thinking about secyrity considerations.
How much do the people calling the shots in your organisation really understand cyber security? And that isn’t necessarily a criticism – I’m quite sure most infosec professionals don’t know anything about running huge corporate machines. The point is, there should be a general understanding within an organisation that security is absolutely necessary. The security team should be supported, just the same as any other team, and we should listen to them when they tell us we have problems which need to be addressed.
We have only scratched the surface of why security isn’t sexy here. We have spoken about why it is actually important for technology jobs to be thought of in this way, and why you need your security staff to be excited about what they do. Let’s empower those folks inside our organisations and give them the support they need to do amazing work.
If you would like to start updating your corporate culture, the Beaty Consultancy blog is not a bad place to start! Read all about cloud and security technology here.