Somewhere there’s a shooting star with a cybersecurity professional underneath it wishing for something that would improve the industry.
Changes like the rise of remote work and cloud computing has pushed the cybersecurity industry into new territory. While CDW VP of Security Solutions Stephanie Hagopian told IT Brew that the job of a cybersecurity professional is not “conceptually difficult,” she said variables like tech sprawl, AI, and the ongoing talent shortage tend to complicate things.
“We all know what we want to do, but to do it well and to do it without…impacting latency and all the things that you need so that the business runs successfully is really difficult,” Hagopian said.
IT Brew asked cybersecurity professionals about the one thing they would change about the industry to make it better. Unsurprisingly, they didn’t hold back.
These responses have been edited for length and clarity.
Troy Batterberry, CEO and co-founder of EchoMark, said he would increase regulation in the industry instead of solely resolving problems with technological answers.
“I’ve been having this discussion with a lot of other leaders in the industry and I think the reaction is always natural: ‘Are you crazy? Why would you want more regulation?’ It’s because we as an industry are not solving these problems fast enough and we as an industry are allowing bad foreign actors in nation states to earn dramatic amounts of money to fund their terrorist activities or their other campaigns. It’s time for us to think about this problem, not only through technology, but also through regulation that would move the needle.”
Randolph Barr, CISO at Cequence Security, said he would tell security professionals to ease off the block button.
“When I started out as a security guy, the first thing that I would do is just block everything. It’s similar to what a lot of security professionals are doing somewhat recently, as of a couple of years ago, when AI started becoming a lot more popular. The initial reaction for a lot of security professionals like myself is to block access to that. What we realized soon after is that we were disabling the ability for users within the company to be able to leverage some of these tools that are coming out to be a lot more productive…so we ended up having to allow some of that in or catch up on some of the security reviews.”
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
Noam Vander, CISO at IT management platform Atera, said he wants the industry to be more proactive and less reactive when it comes to breach response.
“The industry is a lot of the time waiting to be breached and then respond[ing], and I think the focus really should shift to making more robust products that incorporate security by design.”
Thi Tran, assistant professor of management information systems at Binghamton University School of Management, said he would change the misconceptions people have about the cybersecurity industry and where its threats come from.
“When people talk about cybersecurity, they only think about the guy sitting at home and writing all of the code that would go into the attack. Yes, that’s true, but it’s just only a very small fraction of that and all of the statistics and numbers actually prove that.”
Stephanie Hagopian said she would transform the perception of security from being just a cost center to being an enabler for a business.
“If I could see anything change across the board, it would be that and it’s happening in silos. It’s happening in bits and pieces in an ad hoc fashion, and that’s why I have a lot of hope it is gonna change.”