Is it bad to have a major security incident on your résumé? (Seriously I don’t know)

Welcome to this week’s edition of the Threat Source newsletter.

It’s Cybersecurity Awareness Month, which means it’s time to hug your nearest defender — they’re probably tired, could be facing burnout or just have had too much coffee today.

What makes the cybersecurity landscape even more fraught right now is that qualified analysts, researchers and security practitioners are having a hard time finding work. Several major security firms have recently experienced layoffs or have shut down entirely, at the same time that the community is lamenting a cybersecurity skills gap and a lack of workers.

I was watching TechCrunch’s “Disrupt” conference last week and I found it interesting that one particular panel was discussing the challenges of hiring in cybersecurity right now, and the host of the panel asked if there is a stigma around hiring workers who had been a part of major breaches or security incidents (think: a SolarWinds employee who may have been working there during the major supply chain attack that targeted their software).

I had no idea this was even a going concern among security hiring managers, and it makes no sense why there would be. So, I started looking through job board postings and security forums and found that many active security job hunters are afraid to list if they worked somewhere during a notable incident. For example,