Each time I think I’m getting to the heart of the challenges faced by those on all sides of cybersecurity recruiting, a further complexity raises its ugly head.
While I still think that job titles are horribly limiting, that job descriptions completely miss the point, and that the cybersecurity skill-gap misconception is mostly the fault of the organisations asking for help, there’s no getting away from the fact that cybersecurity recruiters are doing themselves no favours.
I am absolutely sick to death of security vendors using the buzz-phrase Artificial Intelligence (AI) as a descriptor for their product or service.
- AI does not even exist yet, the most you can say is that it’s very clever programming;
- Not everyone is a fan of AI.
So, by trying to claim your product uses AI, you have now alienated 2 types of people; 1) those who hate bullsh*t artists, and 2) the paranoid.
In cybersecurity, there are a lot of both.
It is with thanks to Chad Loder that I write this blog. His post on LinkedIn made me laugh out loud and is what inspired me to propose the CEO Cybersecurity Challenge (#ceocybersecuritychallenge). The very simple post was:
From: Security Team
To: All Employees
Subject: Security Awareness Training
To opt out of this year’s security training, click here.
Security experts will instantly see the simple genius of this social engineering tactic. In just 10 words you get:
Anyone who reads my blogs knows that I’m not highly technical. In fact, I have warned organisations against buying technology [for technology’s sake] more than I have ever recommended it. And I will continue to do so until everyone is following the pre-purchase golden rules:
This is a blatant self-promotion, so feel free to ignore it!
I presented today at the BrightTalk Summit ‘GDPR: One Year Later‘: