While there is increased stress in cybersecurity and “good days and bad days,” we should also focus on the “tremendous positives” in the industry’s achievements.
Speaking at the Cloud Security Alliance (CSA) summit at the RSA Conference in San Francisco, Phil Venables, board director and senior advisor for risk and cybersecurity at Goldman Sachs Bank, said that despite the challenges, there are 10 reasons to want to stay in the cybersecurity industry:
- You get to be involved in pretty much every part of everything your organization does with natural focus on the customer
- You need a range of skills not always found in other roles – which are individually portable and collectively indispensable
- You get to take both broad and deep tech and business perspectives and rapidly learn the interplay between them – up and down the organization
- You get earlier career exposure to senior people, inside and outside, and you become ultimately entwined with the core processes of your organization
- You learn how to spot the failure modes of anything
- You have fascinating and quickly evolving adversaries and, as a result, you are constantly learning and developing
- You have amazing personal resilience, and an innate long-term optimism that things will keep getting better, perhaps because of your implicit short-term pessimism
- You have a higher purpose. You are defending the flow of ideas/innovation that are essential to human progress – adding value to society – protecting people’s information and livelihoods (and sometimes lives)
- You are usually good with incremental approaches, handling complexity and taking a systems-wide view
- You are part of an amazing community
He also said that “until you’ve stepped out of security into another risk, IT or business role, you don’t realize how unique our camaraderie is.”
Venables added that a career in cybersecurity can give you a certain resilience, as there are good and bad days, but this can lead you to take “incremental approaches” to let you work organically through an environment.
“You also build a range of skills, as you have got to be a risk professional, a business product specialist, a security technician, a buyer, a sales person, an influencer, you have got to understand organizational strategy – you get to experience all of these things.”
Venables also said that cybersecurity professionals are involved in something that is “tremendously important to the organization, as we protect the flow of ideas, capital, innovation – they are essential.”
He concluded by saying he hadn’t acknowledged the benefits of the camaraderie until he stepped away from being a CISO to a more mainstream role, and he missed the sharing and education side of the industry. “When you’ve had a bad day, there is a community there supporting and sharing issues.
“We’re working in a fantastic time as we’re always thinking forward about all of the difficulties and all of the things to overcome, and what the next threat is going to be, but look back over the past few decades and what has actually been achieved to defend our organizations and our communities,” he said. “There has been failures, but there's also been successes.”