It’s become a media narrative that there is a “talent gap” in cybersecurity. The story goes that there are plenty of good paying jobs, but not enough qualified people to do them. On the face of it, there seem to be good reasons. The spate of high profile data leaks and hacks have made security a front and center concern for organizations of all sizes. As the sophistication of these attacks increase, it makes sense that the number of jobs needed would also increases. But Ben Tomhave can’t stand this narrative. He makes the case that this talent gap is actually symptomatic of organizational dysfunction.
Confidentiality, integrity, and availability are the traditional needs that need to be balanced in security according to business need. But Ben Tomhave argues that with the advent of the cloud, availability is often assumed to be at near 100% all the time, and has subsequently moved to a purely operation consideration. It’s an interested dissection of this infosec staple.