Global Information Risk
Management Recruitment
Telephone: +44(0)20 7987 3838 Email:

How cyber security roles have changed over the years

Filed under: Features — Jonathan on September 5, 2013

The digital revolution of the past 30 years or so has had a major impact on how millions around the world live and work. It’s now possible to book a flight from a mobile phone, whilst on a speeding train. Compare that to 10 years ago, when it might just have been possible to phone home with the classic phrase, “I’m on the train”.

However, step changes such as these tend to come at a price where cyber security is concerned. As technology has evolved, cybercrime has become more complex, cunning and wide-ranging. As a consequence both of developments in technology and changes in the make-up of cybercrime, cyber security roles have also changed over the past 30 years or so.

Professionalisation and standardisation

First and foremost, the cyber security industry has seen increasing professionalisation. A good decade before the dawn of the World Wide Web as we know it today, in 1981 a group of hackers broke in to 60 computers at a Manhattan cancer centre. Whilst there were plenty of computer networking experts at this time who had their own ideas about security ready to tackle such problems, there was less in the way of formal professional groupings. However, by mid-1989, the International Information Systems Security Certification Consortium or “ISC²” was founded precisely in order to pull together IT security folk from around the world into an established grouping. ISC² went on to create the CISSP (Certified Information Systems Security Professional), one of the most coveted certifications in the security arena.

One example of such increasing professionalisation is the role of the Pen Tester. In the early days of vulnerability testing, seasoned hackers would be enticed in to large organisations on a semi-formal basis in order to find vulnerabilities, in true poacher-turned-gamekeeper style. By contrast, penetration testing today has come out of the shadows, and is a respected IT career path.

More strategic and focussed on risk management

The emphasis on pen testing is itself a pointer to a second way in which IT security roles have changed. They have become more strategic and focussed on risk management, rather than reactive. According to Bill Brenner, Senior Editor for Security Leadership magazine:

“It used to be that CSOs were over-glorified IT security administrators, babysitting the firewalls… and cleaning spyware off of infected laptops. True, that’s still the role some CSOs find themselves in, but for the majority the responsibility has shifted to looking at the big picture and designing the program that balances acceptable risks against the unacceptable.”

Part of the corporate culture

Finally, another “significant and powerful change”, according to Brenner, has been in the way that security has become more naturally embedded into corporate culture. A string of high-profile security breaches during the 2000s has ensured that security remains high up on the agenda for CEOs. As Brenner puts it:

“The CSO leads the security function within the business and that function is now viewed as a necessary function within the business.”

It could be argued, indeed, that there could be no better time than this current period to be looking for a rewarding role in the security industry.

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment


Please register and browse our jobs so we can help you start a new career!




Acumin © 2006-12