Why Do You Want to Work in Cybersecurity?

CyberLite May 11, 2021

Welcome to all the new CyberLite readers who’ve joined since the last issue! If you haven’t joined them yet, you can get the most impactful news in cybersecurity delivered to you each week by subscribing here.

This issue isn't a traditional one as I'm away all week so haven't been able to keep up with everything in the news, so instead I've decided to write about why I'm so excited to be working in cybersecurity. Normal programming will resume next week!


When I was applying for security positions as a graduate I did a lot of video interviews (I can only thank the pandemic for that) and I was reliably asked again and again, "Why do you want to work in security?". Initially, I'll be honest, my answers left a lot to be desired. But with more time to think I started to really understand what was driving me and I finally landed on the key reason why I wanted to start my career in security. Enabling innovation.

Innovation is something that every technologist is passionate about; we want to change things, we want to break things and we want to see progress happen as fast as humanly possible.

Security done incorrectly is a burden to innovation; developers complain about security holding them back and slowing down the implementation of new features. But if security is done right then it can enable innovation and allow it to be done in a safe and sustainable way. I want to enable people to carry out constant innovation, unburdened by security concerns. That's the gold standard for what security can be and I want to be part of realising that.

In a recent issue of Clint Gibler's excellent tl;dr sec newsletter he summarised a presentation given by the former director of Android security; it's a perfect example of how security can enable innovation.

Having your security team focus on minimizing risk is setting your sights too low. The goal of a security org should be to facilitate the types of experiences that weren’t possible until we had achieved that level of risk mitigation.
When I led Android security at Google, we had an incredibly high security bar. Why? We were building an OS, a platform upon which billion dollar companies like Uber were being built. If we built a fundamentally insecure platform, all of these companies building on top of us would fail. Framing it this way caused us to view Android security very differently internally and helped drive conversations with development teams and product.
The security of the platform you’re building unlocks business potential. This fundamentally changes the conversation with the business- it’s not about minimizing downside, it’s about unlocking upside.
Historically, different product groups and parts of the business meet at the table and come with the promise of “unlocking upside” and “unlimited potential,” while security shows up talking about “minimizing downside.” That’s why security hasn’t had a seat at the table. But no longer - building secure platforms can unlock massive business upside. Link.

I hope that’s provided some inspiration for those of you looking towards a career in security. If you’re asked “why do you want to work in security?”, maybe this can help you find your answer.

Security can't be considered a barrier to speed. Remember, cars have brakes so they can go fast! We need to ensure software can develop quickly too, protected by application security and not hindered by it. Link.

❤ Liked what you read?

Nothing helps me out more than sharing CyberLite with a friend who might enjoy it. If you do please tag me so I can say thanks!

If you’re that friend… Sign up here to receive CyberLite every week!


🎁 Wrapping Up

If you’ve got questions, comments or just fancy a chat then shoot me an email or send me a message on Linkedin/Twitter. I’d love to hear from you!

Thanks for reading, I’ll catch you next week!

Oli

Oliver Kitchin

Cybersecurity consultant. Passionate about people, technology and the great outdoors. He/Him.

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.