Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Security Businesses

The Cybersecurity Industry Is Hiring, But Young People Aren't Interested 289

Posted by samzenpus
from the no-thank-you dept.
Daniel_Stuckey writes "Cybersecurity, as an industry, is booming. According to the Bureau of Labor Statistics, jobs as network systems and information security professionals are expected to grow by 53 percent through 2018. Yet, young people today aren't interested in getting jobs in cybersecurity. By all accounts it's a growing and potentially secure, lucrative job. But according to a new survey by the defense tech company Raytheon, only 24 percent of millennials have any interest in cybersecurity as a career."
This discussion has been archived. No new comments can be posted.

The Cybersecurity Industry Is Hiring, But Young People Aren't Interested

Comments Filter:
  • hire me (Score:5, Insightful)

    by Anonymous Coward on Thursday October 24, 2013 @02:16AM (#45220973)

    I'm not a millennial, but I am familiar with computer system security, and while I don't have a security clearance, I do have a clean record which makes it possible to get one. Perhaps raytheon et al are simply expecting too much for too little pay. They're not going to find BS degree'd, clean cut 20 somethings with no criminal record if they insist on offering $12/hr wages. That mythical 22 year old working 22 hours a day for 22k a year doesn't exist.

    The employees are out there but they cannot work for chinese slave labor wages, nor do they want that lifestyle.

    • Re:hire me (Score:5, Interesting)

      by InfiniteLoopCounter (1355173) on Thursday October 24, 2013 @02:49AM (#45221079)

      I have to agree. I would have worked for Raytheon if they were interested in me as I have all the required study and would work initially for cheap, but they have basically said f*** o** to me in the past with no response. How am I supposed to now be interested in working for a company that only seems to want people with existing experience as well as skills? Sounds like they want to avoid training anybody and have poor HR people, do little advertising at universities, and cry like babies when they "can't find anybody."

      • Re: (Score:2, Funny)

        by Anonymous Coward

        If they are having labor shortages they need to hire more Chinese H1Bs.

        • Re: (Score:2, Interesting)

          by Anonymous Coward

          Yup, There is no labor shortage, They Just want to hire very cheap foriegn workers. Notice who is publishing the report, a company that wants to hire cheap labor.

      • Re:hire me (Score:5, Insightful)

        by NJRoadfan (1254248) on Thursday October 24, 2013 @06:17AM (#45221721)
        If the job required any sort of federal security clearance, chances are they were looking for someone who already had one. They don't want to spend the time and money on getting clearances.
        • by todrules (882424)
          Good point. And with the overall, general hatred towards the government these days, people aren't looking to work there, including the military, since there is a war going on. General government work, and especially the military, have been places in the past where most people get their security clearances. Then, they can leverage those to get a job in the private sector. It doesn't look like that's happening like it used to.
        • Re:hire me (Score:5, Informative)

          by Anonymous Coward on Thursday October 24, 2013 @07:26AM (#45222035)

          They don't want to spend the time and money on getting clearances.

          First, the contracting companies that hire the people do not pay for the clearance. The fed pays a third party to do all the investigations. It is all about the time. It can take a year or more to get a clearance. The government will not put any one in for a clearance unless they are working on a contract that requires that the person has a clearance and most contract will not allow a person to work on the contract unless they already have a clearance. It is a catch-22.

          • It may take that long now, but when I worked on Roscoe, my clearance only took about a month. More correctly, most gov contracts requiring clearance won't allow a contractee to work on the project until the clearance is granted. I didn't have it when my company contracted me, it was just dependent upon my gaining the clearance.

            But yes, neither I nor my contractor paid for it.
          • Re:hire me (Score:5, Informative)

            by thoth (7907) on Thursday October 24, 2013 @10:28AM (#45224007) Journal

            No, that's not how it works now (recently).

            Somebody pays for that clearance process and it boils down to the hiring company, granted they may reflect that in their rates and the difference between what they charge the customer and pay the employee (rolled up into their nebulous "overhead"). The process is typically a few months, rarely a year.

            The way the catch-22 is resolved is you'll be hired as a short-term contractor (~6 mo) and given minor/lower level work while waiting for the clearance. If it doesn't come, the contract ends and you look for something else.

            It is just less risk for them to hire somebody with one already - modern corporate America doesn't want the risk and prefers not to invest in their workforce unless they have to - such a person can start earlier.

        • Re:hire me (Score:5, Informative)

          by Notabadguy (961343) on Thursday October 24, 2013 @07:28AM (#45222043)

          What the civilian world calls cyber security, the military calls information assurance (IA) and information warfare (IW).

          My personal story:

          I was in the army's IA ranks. I had an active TS/SCI clearance, had published policy papers within my...inner specialty, was a welcome addition to Defcon - I have an Ivy League education, at the time had an incredible network of IA/IW contacts, and left the army as a JMO (Junior Military Officer).

          When I left the army (at 28) I was considered a hot commodity in the cybersecurity world. I interviewed with both Raytheon and SAIC, and turned down head-hunters from several other companies. Both companies made me an offer; SAIC for $55,000 a year, and Raytheon for $42,000 a year. Both offers were less than I was already making, and both companies explained that everyone starts at the bottom and works their way up. I declined both and took a position outside cybersecurity for $79,000/yr.

          At the time, cybersecurity wasn't willing to pay a clean-cut, clean-record military officer already in the field with requisite training, clearances, background screening and aptitude as much as I already made in the military, and the military isn't where high dollar jobs are.

          • Re:hire me (Score:5, Insightful)

            by Salgak1 (20136) <salgak@NOspam.speakeasy.net> on Thursday October 24, 2013 @07:57AM (#45222241) Homepage

            It's the same way at higher levels and higher clearances: I accepted a job some years back, as a task and team lead to hire and train up some newbie security types.

            For that, they paid me $125K. (I've got nearly 30 years of experience). Then I found out, that some of the sub-contractors I was training were making 137K. Needless to say, after pointing that out to my management, they weren't interested in doing anything about it, in fact, they told me that **MY** cost was stretching them. I left a month or so later. . .

          • Re:hire me (Score:5, Insightful)

            by ebno-10db (1459097) on Thursday October 24, 2013 @08:17AM (#45222385)

            SSDD. Companies that complain the loudest about "not being able to find people" generally pay squat and/or are a miserable place to work. Oddly, the companies that pay decently and are decent places to work have much less of a problem finding qualified people. Glad you found a better job.

            • Re: (Score:3, Insightful)

              by intermodal (534361)

              Creating a "job" doesn't give a company the right to fill that position, especially on the crappy terms a lot of them offer. I'm in a job that I was one of two applicants for, and I'm getting out ASAP. I've been here almost six months and any small amount of confidence I had that I could turn this job into something worth doing is gone.

              I'm underpaid in a toxic environment and meet resistance on everything I try to improve, fix, or address. They constantly complain about the low quantity and quality of ap

          • by JMJimmy (2036122)

            Wow that is a fucking insult and a half. $42k/y? The national average wage in the US is $43k, someone who can program (really program) is rare so add 50%, someone among those who can program who's good enough to hack? add another 50%. Someone who is trust worthy, somehow managed to learn to hack without being arrested/sued/put on some watch list that prevents them from obtaining security clearance, is willing to work for "the man", and has an ivy league education, add another 25-50%. $120,000-$145,000 i

        • A contractor I did gigs for me got me a general security clearance before a job that paid (me) about $300.
          As I recall, it was a one page form.

      • Re:hire me (Score:4, Informative)

        by SirGarlon (845873) on Thursday October 24, 2013 @07:18AM (#45221981)

        Sounds like they want to avoid training anybody and have poor HR people, do little advertising at universities, and cry like babies when they "can't find anybody."

        With regard to avoiding training anybody, all American companies are like that. Training costs are an externality they unload onto their employees. It is not, however, difficult to recruit qualified people even under those circumstances. All you have to do is offer them 20% more than your competitor does, and candidates will line up outside your door.

        Companies just whine instead are not serious about recruiting and/or want government support in the form of H1-Bs.

      • Re:hire me (Score:5, Interesting)

        by Anonymous Coward on Thursday October 24, 2013 @08:09AM (#45222323)
        former raytheon employee here; nobody who know anything about cybersecurity wants to work for them. The RayCERT is a joke. Raytheon has one very young and extremely unqualified person in charge of cybersecurity. How did he get his job? He was born to a Raytheon family. Nepotism rules that organization more than any Japanese Keiretsu or Korean Chaebol. Then you have people who treat computers as "those new fangled dohickies" in charge of IT security. My supervisor considered anybody born after 1959 a millenial. That doesn't even begin to address the turf war between the IT security and industrial security types that leaves a lot of stepping on each other toes in some areas and huge holes in coverage in others. In short, nobody who know anything about Raytheon and cybersecurity wants to work for Raytheon cybersecurity.
    • Re:hire me (Score:5, Insightful)

      by Samantha Wright (1324923) on Thursday October 24, 2013 @02:59AM (#45221119) Homepage Journal
    • Re:hire me (Score:5, Insightful)

      by gl4ss (559668) on Thursday October 24, 2013 @04:28AM (#45221387) Homepage Journal

      I don't know who the fuck made the conclusions but 24% is a friggin big portion.

      that's like bigger than firemen, airline pilots or what have you. it's such a big pile of people that there's no frigging way for them all to have jobs in "cybersecurity".

      would be rather pointless too if more than a quarter of a generation was needed for it. that would be quite telling of the fact that they wouldn't be actually doing any cybersecurity work but working as STASI.

      • by Gibgezr (2025238)

        Came here to say exactly this. There is just no way that 24% can be viewed as "low" in this context; it's frickin' huge!

      • I don't know who the fuck made the conclusions but 24% is a friggin big portion.

        Oblig. Python:

        Host (Michael Palin): Good evening. Tonight 'Spectrum' looks at one of the major problems in the world today - the whole vexed question of what is going on. Is there still time to confront it, let alone solve it, or is it too late? What are the figures, what are the facts, what do people mean when they talk about things? Alexander Hardacre of the Economic Affairs Bureau.
        (Cut to equally intense pundit in front of a graph with three different coloured columns with percentages at the top. He talk

    • Re:hire me (Score:5, Insightful)

      by CRC'99 (96526) on Thursday October 24, 2013 @06:18AM (#45221725) Homepage

      The employees are out there but they cannot work for chinese slave labor wages, nor do they want that lifestyle.

      11 months ago I finished my Commercial Pilots License - I haven't been able to find any work at all since completing it. That was the last time I touched a plane.

      The same problem exists. People are expected to splash $100k AUD on their license, then work for ~$25k a year. Not to mention get themselves to jobs on their own dime etc... I hear the same lines "There is a massive pilots shortage!!" - which is absolute bullshit. We just have to take other jobs to pay off the loans etc we took for our training.

      It just about gutted my career - but this is the world we live in. Now I'm only casually employed - and making about the same amount as I would as a pilot - while working only a handful of hours.

    • by Lumpy (12016)

      Exactly, if they want to get people raise it to $36 an hour to START.

    • I'm not a millennial, but I am familiar with computer system security, and while I don't have a security clearance, I do have a clean record which makes it possible to get one. Perhaps raytheon et al are simply expecting too much for too little pay. They're not going to find BS degree'd, clean cut 20 somethings with no criminal record if they insist on offering $12/hr wages. That mythical 22 year old working 22 hours a day for 22k a year doesn't exist.

      The employees are out there but they cannot work for chinese slave labor wages, nor do they want that lifestyle.

      Did you bother to even glance at TFA?

      The pay is actually pretty good. A Semper Secure survey found that workers in cybersecurity were pulling down an average of $116,000 a year. Given that job prospects are otherwise exceedingly grim for young folks, why aren’t they all packing lecture halls on Cisco Systems?

      I work in IT security. It pays very very well and ,pun intended, is a very secure job if you're good at it.

    • by TWiTfan (2887093)

      The employees are out there but they cannot work for chinese slave labor wages

      Doesn't matter. This whole "We can't find enough workers here in the U.S.!" schtick is just a ploy for them to go running to Congress and beg for more H1B visas (like pretty much every other tech company now). They don't give a shit how much American workers are willing to work for, because all they're interested in is importing cheap indentured servants from overseas, with the full blessings of our "representatives" in Congress of course.

  • I'm not surprised. (Score:5, Insightful)

    by Xenkar (580240) on Thursday October 24, 2013 @02:19AM (#45220983)

    I certainly wouldn't take a job that would force me to flee to another country for asylum if my conscience makes me become a whistle blower.

    • by cardpuncher (713057) on Thursday October 24, 2013 @03:55AM (#45221291)
      Cybersecurity doesn't necessarily mean surveillance. There's a more attractive side, too - you could spend your entire life running change control on a library of hundred-page procedure documents and reviewing firewall logs. Now, what kid could turn down *that* opportunity?
      • by O('_')O_Bush (1162487) on Thursday October 24, 2013 @06:51AM (#45221847)
        This. What the article doesn't explain is what cyber security usually entails at a defense contractor. I did that kind of work for about a year, and wanted to pull me own fingers off.

        It was where they took bright engineers, gave them tedious and excruciatingly boring tasks, burned them out, and replaced them. You'd think cyber security would be somewhat cool, but in reality, it was taking several multi-thousand line spreadsheet checklists, run some scripts, and manually put passes or fails for the things the scripts didn't cover. Do that all day every day for every type of server and every project, repeatedly, till all or almost all checks were passed. And then, do documentation.

        I would say that where I worked, the youngest crowd were the only suckers willing to take that work. Everyone else knew better.
    • by rvw (755107)

      I certainly wouldn't take a job that would force me to flee to another country for asylum if my conscience makes me become a whistle blower.

      Long before that you could decide to take your chances elsewhere - same job, different employer?!

    • I certainly wouldn't take a job that would force me to flee to another country for asylum if my conscience makes me become a whistle blower.

      I imagine you would if it was the only way to pay for your spouses' cancer treatments.

      There are a lot of jobs we're rather not take. But sometimes we're forced to chose between the lesser of two evils. Being responsible for other people can be a heavy burden.

    • Most cybersecurity jobs are in the private sector and don't require security clearance. They're related to ensuring that commercially sensitive information stays private (employees don't wander off with copies, competitors don't hack in, and so on). A lot of it is the same sort of task as the non-cyber variant: checking that the systems you think are secure really are, investigating when they're not, designing policies to make sure that they remain so if they are.
      • by IndustrialComplex (975015) on Thursday October 24, 2013 @08:27AM (#45222445)

        I am familiar with IA, I work with it almost all the time, but it isn't my primary function. I'm currently in the market for a job in the SE Pennsylvania region AND I have a clearance. I think you are spot on with what the tasks are.

        In SE PA there are a lot of medical companies, and thus their IA concerns relate to keeping their trade secrets secret, and even more importantly, keeping medical records secret. Unfortunately for me, I'd love to work for some of these companies, but damned if it's easy to meet their requirements.

        Engineering? Check
        IT systems? Rusty on the hands on work, but I mainly work architecture level designs.
        Experience with medical systems? Umm no, sorry that's pretty specialized.

        It's kind of like the Cheap, Fast, Reliable and other 'tri-feature' You pick two options. I can give you two, but that experience in medical systems always gets me. Unfortunately for a lot of these companies, a lot of the IA experience they ask for comes from the Defense industry, but rarely do we work with medical stuff.

    • by blueg3 (192743)

      So then don't. There's a ton of useful and interesting work in cybersecurity where the risk of that is basically zero.

  • by Anonymous Coward on Thursday October 24, 2013 @02:19AM (#45220985)

    I would've thought 24% of young people being interested is pretty good. Especially for a niche job like this.

  • millenials (Score:5, Insightful)

    by Idimmu Xul (204345) on Thursday October 24, 2013 @02:20AM (#45220993) Homepage Journal

    such a retarded word

    • If the label fits...
    • by Sockatume (732728) on Thursday October 24, 2013 @04:25AM (#45221375)

      Referring to them as "young adults" would force people from older generations to engage with the fact that they've aged out of their role as the dominant cultural and economic force. It would tie with the enormous cottage industry in writing editorials about how my generation is going to ruin the planet, at any rate.

      • "the enormous cottage industry in writing editorials about how my generation is going to ruin the planet, at any rate."

        "Industry"? You mean people expect to get paid for that?

        This is exactly the kind of spoiled, lazy thinking that has ruined the great culture that my generation left you! In MY day, we considered this sort of thing a civic duty, and we were thankful for the opportunity! You should all be doing this as part of being respectable citizens, not as a chore that you'll only do if someone pays you

    • Indeed... Maybe it's just me, but whenever I read it I first think of old people. Centennial = 100 year old person. Millenial = 1000 years old?
    • Re: (Score:2, Informative)

      by AmiMoJo (196126) *

      It's not even well defined. Here it means people who were born from 2000 to 2010, although of course it should be from 2001 to 2011. So those people would be between 3 and 13 now, a tad young to work in cybersecurity.

    • by invid (163714)
      Too bad the Millenials didn't get a cool label, like Generation X.
  • by Terje Mathisen (128806) on Thursday October 24, 2013 @02:21AM (#45220997)

    Please give me a big list of other occupations which more than 24% of a random sample of kids are interested in, then I'll allow you to claim that too few youngsters are interested in cybersecurity.

    Terje

    • by tlambert (566799)

      Please give me a big list of other occupations which more than 24% of a random sample of kids are interested in, then I'll allow you to claim that too few youngsters are interested in cybersecurity.

      Try to get competent at it without breaking U.S. law. I believe the criminal trespass laws when into effect in 1984, and Dmitry Sklyarov was arrested under the DMCA when he went to DefCon after being granted a Visa for the purpose of attending the conference.

      I'm going to guess that most of them also don't want to become good pickpockets, good safecrackers, or anything else that could land them in jail just for visiting the U.S..

      • by Lumpy (12016)

        "Try to get competent at it without breaking U.S. law. I believe the criminal trespass laws when into effect in 1984, and Dmitry Sklyarov was arrested under the DMCA when he went to DefCon after being granted a Visa for the purpose of attending the conference."

        Not hard at all, you can EASILY set up a Cybersecurity lab in your basement with useless garbage class computers. Even Windows Server software and OS is free for you to use for 30 days, wipe the drive rand reinstall every 30.

        If you cant figure out

      • Try to get competent at it without breaking U.S. law. I believe the criminal trespass laws when into effect in 1984, and Dmitry Sklyarov was arrested under the DMCA when he went to DefCon after being granted a Visa for the purpose of attending the conference.

        That isn't hard at all, as another poster pointed out, setup a lab in your basement with previous generation networking gear. $20,000 routers of that generation can be had for less than $100 bucks. Learn how to setup virtual machines and emulate a few hosts on the network, or just stick one or two old physical machines on it. Then practice.

        But real cybersecurity is learning about CM, audits, tests, and lots of seemingly mundane boring activities and the regulations/policies which govern industries. Si

    • by Seumas (6865)

      The other 76% want to be Youtube channel millionaires.

      • by DarkOx (621550)

        Right I think that is sorta the problem. We have been spoon fed this idea that boomers are the most entitled generation ever and perhaps at the time they were but I think its the people that experienced childhood in the roaring 90s and their teen years in the early 2000's when it still looked like you could somehow get rich by taking a loss year over year with your online "business".

        It may be that besides a few piercings and somewhat questionable taste in music, Gen X and at little past (Late 70's and very

  • Only large corps really spend money on security... But let's face it, why would a young and promising guy with a bright future ahead of him, work for a disgusting corporation that's full of bureaucracy, politics, and incompetent managers? What's in it for him other than the money which he can probably get elsewhere?

    Small companies are not just more fun; your opinions are heard, things move much faster, there's less bureaucracy, and there's usually minimal to no politics. I would gladly shave a chunk of my s

    • by ImOuttaHere (2996813) on Thursday October 24, 2013 @03:23AM (#45221183)

      A very surprisingly large number of corporations do NOT spend money on security.

      Which is why the FBI surprised over 70 companies a couple years back when the FBI told them their systems had been hacked for the company's intellectual property. The companies in question had _no_ idea they'd been hit. Which is also why the NSA makes a point of touring US-based companies to present corporate execs (primarily in the IT end of things) un-classified reports on the latest security threats (if you don't already know, take a look at the NSA Information Assurance program). Which is why I was laid off because one such company was not going to listen to someone suggesting to them their computer security really sucked and were actually in the process of slashing intellectual property protection and computer security jobs. Again. For the eighth time in four years. So they could use the money "saved" on the salaries of people at my level who were also laid off to "buy" low level grunt "talent" in their China operations. That company's security still sux and remains far too easily hacked, and this is in a sixty year old high tech company that would've known better had they not be bought out by an aggressive "rollup" company to then be run by a bunch of greedy WallStreet-types who extract, literally, $100's of millions of dollars for themselves from the companies they've absorbed and stripped of assets.

      So, no, many companies could give a rat's rear about security.

      Only large corps really spend money on security...

      • That's because companies view network security as a cost center, rather than a profit center, so they want to spend as little on it as possible. Being a network security specialist is a "reactionary" job - you do everything you can to make the network safe (on the usually meager budget you've given to do so), and then wait for ... something ... to happen, after which you'll be implicityly if not outright blamerd for it. You can also look forward to carrying a pager, possibly 24/7. In order to do the job

    • I've found that having a wife and kids to support made it difficult to forgo the better-paying jobs. YMMV, obviously.

  • Not just security (Score:5, Interesting)

    by jandersen (462034) on Thursday October 24, 2013 @02:40AM (#45221053)

    It isn't just security either; I see lots of jobs advertised at the moment here in London. It is overwhelmingly what they call "DevOps" and Java development. I have been following the market for a long while, and I can see the same roles coming up again and again, so clearly the companies are having trouble finding people.

    Having worked in IT for far too many years, I know how it goes: when you hire new employees, you know they aren't going to be up to speed for at least 3 - 6 months. However, these companies are mostly new start-ups, so they think it is like hiring a contractor, and they want their new staff to be up to speed immediately. It's just not going to happen, but until they see sense and learn to plan for the long term, the situation will be that way; lots of jobs that go unfilled, and lots of well qualified people the can't find jobs. And it's not about money, really; these web companies could afford to think ahead and invest in people with good potential - and one could argue that they can't really afford NOT to do so.

    On top of that, they don't actually know what they are looking for. Take this new buzzword, "DevOps"; it comes from "development" and "operations", and it means somebody who sits in the middle, between a development department and system administration; ideally this is a person who can do everything a developer does and everything a system administrator does, and such person is probably a developer who has grown into system administration. In the old mainframe days you would call them System Programmers, and they would be your most sacred asset. But what the web companies really mean when they say "DevOps" is just a low ranking build engineer, who knows how to use Puppet, Chef or Jenkins and is doing the same, repetitive task over and over, provisioning into the cloud. And they all want somebody who has "at least 5 years experience with the cloud"; has "The Cloud" even existed that long?

    • It isn't just security either; I see lots of jobs advertised at the moment here in London. It is overwhelmingly what they call "DevOps" and Java development. I have been following the market for a long while, and I can see the same roles coming up again and again, so clearly the companies are having trouble finding people.

      That doesn't mean you need to fall for these sap stories. It's the companies' own fault if they have incompetant HR or terrible business practises that force people out after short stints. In a free market if it is critical to their business and they stuff it up they should go out of business and good riddens.

      On top of that, they don't actually know what they are looking for. Take this new buzzword, "DevOps"; it comes from "development" and "operations", and it means somebody who sits in the middle, between a development department and system administration; ideally this is a person who can do everything a developer does and everything a system administrator does, and such person is probably a developer who has grown into system administration.

      I have done this dual job before and trust me, the HR types do not care one iota. If it saves money, great -- screw that guy some more. Who really benefits from a burnt out IT guy? The manager that can

    • It isn't just security either; I see lots of jobs advertised at the moment here in London. It is overwhelmingly what they call "DevOps" and Java development. I have been following the market for a long while, and I can see the same roles coming up again and again, so clearly the companies are having trouble finding people.

      It's also possible after gaining experience and the needed clearances they discover they can make more elsewhere.

  • by Chrisq (894406) on Thursday October 24, 2013 @02:48AM (#45221073)

    only 24 percent of millennials have any interest in cybersecurity as a career

    That is not a lack of interest - it is an enormous interest. Think of when you were in class - if a quarter of the whole class were interested in one career. It is so high that I have difficulty believing it. If you assume that in any class you are going to have a 5% with no academic interest, maybe another 5% who truly want to pursue something non-technical, be it lawyer, politician, professional musician, sportsman, minister of religion, or artist - then I would say that it would be all the non-security related scientific, technical, and computer related industries that should be worried. If that figure were true it would mean that *most* people who are going to want a technical career would be looking at jobs in computer security.

  • Offer more cash and support ongoing education, you get the best people in any generation. Start going for cheap wages, gov spying deals and contractors and it gets interesting in many ways.
    Cybersecurity is sold as protecting data but could mean helping track dissidents or build deep packet inspection.
    The brand is a key factor too, if you are facing more congressional hearings or whistleblowers show you hawking your domestic surveillance skills to govs. Also don't ask your staff to do mass surveillance.
  • by rts008 (812749) on Thursday October 24, 2013 @02:52AM (#45221091) Journal

    Or maybe, just MAYBE, they are afraid of being lumped in with the clueless bunch that are brandishing the term 'cyber' for everything, like it was some demented talisman to ward against evil net spirits.

    I mean everybody knows that a 'CyberSecurity Specialist' is only a small and mostly accidental step away from a 'CyberBully', or 'CyberTerrorist', or OMG!!! Cyborg!!!

    "Why yes, I'm a Terminator for the NSA, DHS, and in my spare time, the FBI and CIA! I'm a hit at all the parties!"

    • Or maybe, just MAYBE, they are afraid of being lumped in with the clueless bunch that are brandishing the term 'cyber' for everything, like it was some demented talisman to ward against evil net spirits.

      I mean everybody knows that a 'CyberSecurity Specialist' is only a small and mostly accidental step away from a 'CyberBully', or 'CyberTerrorist', or OMG!!! Cyborg!!!

      "Why yes, I'm a Terminator for the NSA, DHS, and in my spare time, the FBI and CIA! I'm a hit at all the parties!"

      Or security for that matter - i.e. security guard, mall cop...tsa, etc...

  • by Anonymous Coward

    The idea of working on mechanisms to stop other people from doing things seems like such a depressing job, even if the objective is to stop malicious people from doing bad things! The goal is to suppress and defeat the actions of other people who actually lead interesting lives!

    Meanwhile, almost every other kind of development job involves creating something visible, something meant to be shared, something constructive, helpful, or fun!

  • As with anything, they could try offering them more money and better conditions.
    And as always, businesses would rather avoid that in favour of having others (college/govt/other countries) train them and create a surplus of people trained in the sector to depress the wages.
    While it's nice when people can enjoy their work, most people work to live, not live to work. Give them training, more money and time off to enjoy it and you'll get more applicants.

  • I would prefer a job (and I have such a job at the moment) that enables users to do things, that increases their possibilities. Not one to take possibilities away, and to restrict users.
  • Give me comparative numbers, what is the trend ? What can I do with a "24%" which sounds like a very high number.
  • dafuq (Score:4, Insightful)

    by Redmancometh (2676319) on Thursday October 24, 2013 @03:41AM (#45221249)

    Am I missing something? 24% of millenials sounds like a huge number if its not just IT workers polled.

  • by taikedz (2782065) on Thursday October 24, 2013 @03:59AM (#45221303) Homepage Journal

    From the Raytheon article key figures: "Young men (35 percent) are far more interested than young women (14 percent) in a career in cybersecurity." If that many people are interested in cybersecurity, I'd call that "an overwhelming proportion" of persons being interested in cybersecurity. By that count, that's an enormous population of paranoid technofreaks.

    "The survey also found less than one-quarter of young adults aged 18 to 26 believed the career is interesting at all." And how much of the total population gets employed in computer security AS A WHOLE? Less than 0.1% easily. How many other types of jobs, areas of interest and careers are there WITHOUT EVEN leaving the IT world?

    The study page even highlights that they didn't target IT graduates. This is from a general, untargeted smattering of 1,000 members of the population. That's not even a proper sample size.

    Bad journalism. Bad study report. Bad.

  • Why would they want to take a job working against what they consider to be a valid weapon against others, most especially corporations?
  • by gnasher719 (869701) on Thursday October 24, 2013 @06:41AM (#45221809)
    When your job is security, the best thing that can happen is that you do an excellent job, and the end result is - nothing. That's the whole idea of it. If you do your job right, nothing happens. If you do your job badly, shit happens. Stuff gets stolen, and so on.

    So will anyone congratulate you for a job well done? No, they will only see money spent on your salary with zero results. You will look as if the company could do without you. You know better, but the people who might give you a raise don't. And the people who could fire you to safe on salaries and increase profits don't.

    You get much better recognition in a job that visibly produces positive results.
    • by Simulant (528590)
      And unless you are the rare, true security geek, you will most likely hate your job. The vast majority of government/contract security jobs appear to me to be chasing false positives, editing ACLs & GPOs and then dealing with the unintended consequences of your own command's policy decisions. All in all, tedious, frustrating, and thankless work. I worked in DOD cyber security for few years and would never go back. And that was before Snowden... I can only imagine how horrible it must be now.
  • Why the surprise? We all live in police states. From the recent scandals and revealations, that opinion is no longer fringe. If in doubt, just watch some evening news and try to find a story where police/justice/govt is _not_ involved. Small wonder people seek the distractions of sports & gossip.

    The tension imposed by the police state stresses everyone (not least the officers themselves). People naturally shy away from it. Even legitimate security efforts suffer under the toxic cloud. Fear of bei

  • I've done security work as part of systems engineering, and helped other companies with it, for decades. It would be difficult to pay me enough to take that as a primary role. Many projects think of security as something that can be painted on after a project is done: others have managers or core developers who think of every moment spent thinking about security as wasted, non-profit-generating work.and actively discourage any attention to security implications. Others rely on external firewalls to say "we

  • Unless you forgot your password on a new machine? Ya, right. How about an ad by companies? Maybe in the L.A.Times? New York Times? It doesn't take much "intelligence" to figure out that someone wants to hire a bunch of 15 cent an hour geniuses to handle an American intelligence software generation contract from the D.O.D. What could possibly go wrong there?

    So I googled the topic and found out some intelligence the easy way. 4 job openings at the DHS. Typed in "Cyber" just like the instructions said to do.
  • are interested in cybersecurity? And that's not enough? I think what they are saying is that they need more to be interested and to train for it so they can hire a few at really low wages, otherwise I guess they'll just have to start looking for H1B visa hires...

  • Making $5/hr when I live in a country with a cost structure designed for someone making $50/hr. Yeah, sure. How could I turn *that* offer down. And of course, only millenials matter for cybersecurity jobs. Can't hire those 50+ guys. No way. Even if there are lots of them looking for work.

  • of the population working in "cyber security" so how is this a problem?

  • I heard rumors about Raytheon that make it sound like a very unappealing place to work. Rumors about job turmoil such as lousy benefits that get worse every year and no job security.
  • Everytime I see an article that says "Industry X can't find enough workers, people just aren't interested," it makes it sound like there's a worker shortage. What is often left out of the uncritical reporting, especially for entry level jobs, is "...can't find enough workers who will work for the amount the company wants to pay them." It's a free market, if you can't find people, you're not paying enough. Now, if it's for a senior position, then there may be a shortage of people, but that means the co
  • Why oh why are our young not interested in MINT professions? And especially in that awesomely secure security business?

    Easy. It's less hassle, less work and requires less brain power to push through some idiotic MBA degree, with the much higher chance to get a well paying job with way fewer overtime hours. It's simple as that. It's simply better paid to push numbers about and bullshit people out of their money than actually do something sensible that the economy could benefit from.

Science and religion are in full accord but science and faith are in complete discord.

Working...