The time has finally come for me to write the column I have secretly dreaded for a long while. As you are undoubtedly aware, you can Google “how do I get into cybersecurity” and get hundreds of thousands of hits and dozens of advertisements for articles, blogs, classes and schools. But recently, I have been forced to ask myself, how do I leave this career field?
Through a confluence of circumstances including my employment environment, family situation, and finally, a global pandemic, it’s become painfully apparent it is time for me to retire. Like many people, I use the term ‘retire’ loosely. I am blessed to be healthy and engaged and I still have so much I want to yet give to life. But it’s time for me to leave behind the industry I joined when it was called computer security, or CompuSec for those of us in the uniformed services. Goodbye cyber, hello part-time fun work.
The process of disengagement began innocently enough. We are remodeling our house and I was forced to confront several boxes in the attic filled with plaques, awards, pictures, and assorted memorabilia going back to the late 1970s. Like many of my peers, I have dutifully toted these remembrances around from house to house and from the military to civilian life and had even hung a few on what was called an ‘I-love-me wall’ in an office I once occupied at a tech company. But I haven’t had an office outside my home now for many years and hanging these mementos up in my home office seemed silly. Who was I trying to impress? So, up to the attic, they went.
I admit I took a long time to paw through these long-neglected boxes as I leaned back to reminisce and recall people, jobs, and places my wife and I lived and visited over the 40 years of our marriage. I met my wife as I was beginning my career and I am so grateful she is still here to witness this next milestone. We have worked hard, raised a family, and traveled the world. Now we plan to take time to rest and enjoy life, family, and home.
The world of what is now cybersecurity has changed dramatically. Back in the 1980s, it was an arcane offshoot of the broader information technology field centered on operating systems design and cryptography. At that time, the military was the best place to get introduced to the necessary knowledge. Fast forward thirty-five years. Now cybersecurity encompasses a kaleidoscope of disciplines including threat detection, governance, and security operations. Additionally, an entire academic industry has grown up around the need for foundational and continuing education. Innumerable educational bodies from major academic institutions to online startups are competing for your dollar in return for the promise of a leg up into a rewarding career.
In addition to this incredible progress, there have been troubling developments as well. First and foremost, have been the rash of charlatans and grifters seeking to cash in on the mystique of the technology environment. Some started companies selling snake oil solutions while others simply rode the wave of seemingly magic security technology centered on a dark underworld of scammers and profiteers. Secondly, there has been the expected heavy hand of government endeavoring to solve technical problems with legislation and overweening policy proscriptions. The results have been mixed at best, but there is always hope for refinements in the future.
And now my time has come to bow out and let the next generation take on the problems inherent in creating a safe and secure digital world. My race has been run. I still plan to keep a close eye on the industry and continue to convene with my colleagues around the globe. I look forward to bringing you my insights in future columns. In the meantime, someone please pass me that glass of bourbon.