Hi! I am Nick Gipson, the Director of Cyber Operations here at Pareto Cyber. This is the introduction to my series on “10 Things I Hate About Cybersecurity: A Love Story” where I dissect the problems within this industry and my personal encounters with them. You can find the philosophy behind this series as well as links to all the installments below.
What is Cybersecurity For, Really?
I’ve worked in cybersecurity for almost 10 years now.
So, sometimes I find myself getting caught up in the details of a new malware type that’s making headlines at the time or in the correct configuration of an endpoint detection tool. The details are important in such a technical field, of course. But every so often we need to step back and look at the big picture.
What is cybersecurity actually for?
I’d say that the key reason we do all of this work is ultimately simple:
Cybersecurity helps us make sure that data remains in the hands of the people who own it.
That’s it.
We are here to serve our clients and to help protect their businesses from malicious actors and accidents that technology is so frequently prone to. Our job is, ultimately, an essential service in the digital world.
Problems with the Cybersecurity Industry
I love cybersecurity. I also like to call out issues within the industry when I see them.
This series is my way of doing that.
I’ve outlined 10 specific problems that I encounter within the cybersecurity industry across different types of companies, services, and tools. All of these things are hurting our key goal of protecting data for our clients. All of these things are also easy to fix.
While I am basing every story on my own professional experience at Pareto Cyber and my previous jobs, every issue applies beyond the specific organization I’ve worked with. These issues are everywhere in our field.
The 10 Things I Hate About Cybersecurity
In my mind, these are some of the biggest problems hindering the cybersecurity industry from growing:
- The Trust Trepidation
- The Ticket Mill Frustration
- The “We Need a CISO” Conundrum
- The “One Size Fits All” Approach
- The Detect-Only Scheme
- The Ping-Pong Table Illusion
- The Integration Limitation
- The 18 Months and Out Theory
- The Skills Gap Fallacy
- The Overnight Shift Obligation
I hope that by following along this series with me, you will also notice how these problems are hurting this industry. I also hope that you may be able to gain some insights as to how you can help solve some of these issues and improve cybersecurity for us all.
Posts in This Series
This series will have 12 posts total, covering all 10 reasons why I hate cybersecurity, as well as an overall introduction to the series (which you’re reading right now!) and a conclusion to look back on everything we’ve discussed. New posts are going to be released on our website every Thursday and Friday.
You can find the links to already published installments as well as a release schedule for upcoming posts below:
- Introduction (this post)
- The Trust Trepidation
- The Ticket Mill Frustration
- The “We Need a CISO” Conundrum
- The “One Size Fits All” Approach
- The Detect-Only Scheme
- The Integration Limitation
- The Ping-Pong Table Illusion
- The 18 Months and Out Theory
- The Skills Gap Fallacy
- The Overnight Shift Obligation
- Conclusion: Why I Still Love Cybersecurity