This is similar to my experience. About 95% if security folks I interact with are compliance folks to audit and make sure checklists are done.
The other 5% are super smart and are basically engineers who specialize in security.
I feel like many cyber people get certs and then hope for nothing bad to happen. When something bad happens, they claim that someone else didn’t do something right or get fired and move on.
The other 5% are super smart and are basically engineers who specialize in security.
I feel like many cyber people get certs and then hope for nothing bad to happen. When something bad happens, they claim that someone else didn’t do something right or get fired and move on.