07-12-2022 04:35 PM
I saw a really interesting conversation on LinkedIn. It was getting quite heated, due to the controversial take on IT, saying that traditional IT is dying. Changing a lot, perhaps, but dying? I'll quote it and then let y'all decide. So what do you think about this hot take?
Yikes on bikes—are you ready for this? I would normally credit the author, but I just don't want to throw anyone under the bus today.
The problem with IT as a pipeline into cybersecurity is that IT is dying. Well, at least, traditional IT is dying.
Back in the day, IT was all about data centers, physical networks, racks, servers, and building apps from scratch. A large company could have dozens of IT departments and thousands of IT workers.
IT isn't like that anymore. On-prem is dying. Everything is cloud now.
All the traditional "IT stuff" that used to take teams of people weeks and months to do, like setting up a new database server, now take a few seconds and a single person. Run a script, click, done.
It's the same with security. There are some security controls that literally take a few seconds to enable. Need a network firewall? Click here. Need to add a logging source into your SIEM? Enable this plugin.
IT has been automated and simplified to a point where companies no longer NEED dozens of IT departments and hundreds of IT workers. Those jobs are long gone.
This is great for the business, but it really sucks for people trying to break into cybersecurity. Before, you could spend a few years in IT and transition quite easily into security. No one would blink twice.
But now? Impossible. You can't transition from IT into cybersecurity because there aren't any IT jobs to transition FROM.
It must be so massively frustrating to hear advice like "Just do IT first. Be a network engineer first and switch over to cyber. That's how I did it."
We need a new way of thinking about our cybersecurity talent pipeline. We can no longer put our hopes in the IT pipeline.
Because that pipeline is gone folks.
It's GONE.
Like someone's post? Give them a kudo!
Did someone's answer help you? Please mark it as a solution.
07-19-2022 02:32 AM
Changing or dying, in some way the end result will be the same: The "traditional IT" that is referred to will disappear and become (already is?) niche. When that is said, something else will take over and become the "traditional IT", as I see it this will be cloud.
While a lot of IT has become much simpler and easier, there is also a lot more of it. This has spawned a lot of new business within the IT area and every company is over the years increasing their IT usage.
So the route to cybersecurity might no longer be through traditional IT, but rather through Cloud IT. And another way I see, at least in Denmark where I am based, is that educational institutions are seeing the need of Security-related educations and increasingly offer these areas.
Jumpcloud is a good example itself of the switch we see in traditional IT. Before a company would have on-prem Active Directory. Now, we see new cloud-based options taking over from the traditional way of doing things.
I think, on an individual level, it is important to not get stuck in how it was, but rather embrace change and take up the challenge to learn and grow with the changes.
07-25-2022 03:25 PM
I think the original post is a gross oversimplification. No IT jobs to transition from? In what world? It's changing a lot, yes. But almost every industry does. But they made it sound like you don't even need an IT department at all. Uh...nope. Who's going to manage your assets, access to data and software, updates, deployments, your network, and so on? IT used to be narrower or maybe simpler in some ways. But to say it's dying is just bordering on, I don't know, clickbait? We have so many IT pros here, though, I wondered what y'all think about how things have changed in the last 5-10 years. (Change, yes. Dying? Nope.)
Like someone's post? Give them a kudo!
Did someone's answer help you? Please mark it as a solution.
07-25-2022 04:24 PM
Things in the IT world are definitely becoming more cloud based. When efficient and stable cloud infrastructures are set up such that they don't need to be managed as much it will indeed cut back on the need for personal within a single company. Conversely, the size of the pie of IT jobs is not decreasing due to an increase in the need for companies to have some form of IT personal either hired or contracted to manage the cloud infrastructure. There is a lot of automation in Cloud based IT that turning it off and back on again doesn't work with anymore which is requiring a specialized role for IT staff to take on and manage those systems.
To the point that the original poster was making, I think they were more talking about how the shift in dynamic from how IT was traditionally to how it is now makes things more difficult to shift from an IT role into a security role. I think one thing that is missing from that perspective is that Security is also changing to become more Cloud based as well. With more people connecting to virtual desktop environments and the security solutions for cloud based infrastructure being cloud based as well. I do agree that the decrease in traditional IT jobs has made it more difficult to get into traditional security jobs as well. At the same time that transition from cloud IT jobs to cloud security jobs has increased.
The point that they are making that the advice they are receiving on how to transition into security from IT has also lost a lot of the weight that it once held. The nature of IT work and even security work is changing and relying on advice on how someone with a lot of experience in security did it 5/10/20 years ago may not benefit as much as how someone with little experience in security did it 1/2/3 years ago.
New to the site? Take a look at these additional resources:
Ready to join us? You can register here.