BreachExchange mailing list archives

IT security staff have a job for life – possibly a grim, frustrating life


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Wed, 5 Aug 2015 19:40:56 -0600

http://www.theregister.co.uk/2015/08/05/it_security_jobs_grim_in_future/

Speaking at the opening of the 18th Black Hat security conference, its
founder Jeff Moss warned the assembled throng that while they might have
job security, they weren't going to have fun in the next decade.

"We are all employed for life," Moss said. "It's interesting, I see
problems and challenges and on one hand am really excited, but on the other
I just want to sleep."

The decisions made over the next five years will affect the use of
technology for the next 30 years, and so far the signs aren't good, Moss
said. What's coming is a mix of old problems revisited and new ones coming
down the line.

For example, the crypto wars are back, he said, and a new generation of
politicians and law enforcement officials are demanding backdoor access to
cryptographic software, just as they did in the 1990s. It's up to techies
to show them why this is a bad idea, Moss said.

A new problem is the rise of cyber insurance – in 10 years between a
quarter and a third of IT security budgets are going to be taken up paying
insurance against intrusion and not defending the network. Getting a payout
when your system goes down is nice, but you can't run a business like that,
Moss warned.

Software companies are also going to have to step up and take
responsibility for their products, Moss warned. Without some kind of
liability, the industry will still be in the same mess it is now in 20
years' time.

"Boeing and Airbus are basically managing flying data centers and they
operate under liability," Moss said. "An Oracle data center has no
liability and that's not going to last – companies want a level playing
field."

Software liability need not be punitive, but there must be some way to get
companies to take responsibility for their flaws, Moss argued. Without
that, nothing in the industry will change.

Change was a constant theme of Moss' talk. He pointed out that when he
started out in the hacking field, software piracy was legal, as was
tinkering with hardware. Both are now illegal – and in the UK, mandatory
minimum sentences for piracy are now being proposed.

This is the biggest Black Hat yet, Moss said, and it was up to every
attendee to go out and advocate for change. Hacking is fun, but unless
those who do it step up to the plate, he warned, things could get very grim
for the next generation.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 
