April 09, 2020 COVID-19,CYBER SECURITY

Will COVID-19 Affect The Livelihoods of Cybersecurity Professionals?

Of late, a question posed quite frequently within my industry is whether COVID-19 will affect the livelihoods of cybersecurity professionals. Obviously, I can’t speak for everyone but I really haven’t seen IT people (especially in the cybersecurity field) lose their jobs.  If anything, I’ve seen a renewed interest in hiring.  Just a few days ago, I was on the phone with a banking client of ours and she told me she was interviewing someone for an IT position because they’re swamped.

They can’t keep up

We need help” she said, with an air of desperation.

I’d say that practically all our clients have now sent home close to 100% of their workforce.   There’s a tendency to think that working from home is simple(r) – click on the VPN and you’re in, because the VPN is like being on the LAN.   Well, not quite.  Yes, functionally, it is.  But there are so many differences that need to be accounted for, which cause a lot of work for IT and security.

First of all, you’re not connected at 10Gbps to that server down the aisle.  You’re lucky if you have 500Mbps.  Second, many didn’t seem to realize that, while within premises the download speed is what counts most, when you’re home, it’s the upload speed of your office ISP that becomes your bottleneck.  So for all those using cable with 500 down/20 up, now the actual available bandwidth for their remote users is (in reality) 20Mbps.  Imagine having 50 users hammering on that one small bandwidth. Trying to use applications that they were previously reaching at 1Gbps.

Next up, you experience the sporadic (or not) routing issue

Or, applications that are set to work only with your LAP IPs, now suddenly don’t accept connections from the VPN.  On top of all that, you’re going through protections devices – FW, IPS, and who knows what else.  And these devices may block some traffic because it looks suspicious (SMB through an IPS usually looks fishy).  Not to mention the devices used at home must be prepared and configured, if you’re doing your job right and are providing company issued (and locked down) devices.  Unless you’re living dangerously and allowing your remote users to used their home computers. In which case you’re up for a whole other set of potential (ugly) issues.

So, with all these considerations, think of a team that was once accustomed to a fixed (perhaps boring even) routine with zero to minimal issues. A team which goes through the normal daily jobs of patching, fixing, and similarly mundane things. And then suddenly, that one same team finds itself tossed into a situation wherein each individual member now needs hand holding for a week. Quite possibly going through the frustrating process of “growing pains” that come with a whole new environment.

There’s no question that IT and cybersecurity workers are NOT being laid off

Will COVID-19 affect the livelihoods of cybersecurity professionals?  I say no.

And I’d be truly surprised if that wasn’t the case.

On the contrary, now more than ever, these individuals are needed. If not by companies whose personnel have migrated to working from home, then by companies like us, providing managed security services to clients.  We’ve been working, all hands on deck, for 3 continuous weeks, to ensure a smooth transition for our clients.  And discussing with my peers at other companies, it’s not just us.  Yes, we’re picking up the slack, but not because companies are laying people off. No, it’s because they simply can’t keep up.  And in the meantime, we’re becoming a new market for more employment.  Honestly? I foresee a surge in hiring, at least in the cybersecurity industry.

Will this settle?

I sure hope so.  But, let me clarify, that doesn’t mean IT people will be laid off.  They will still be needed, to maintain an eye on things, and ensure everything works properly.

To conclude, I personally don’t believe there will ever be a time when IT professionals risk being generically be laid off.  Those who lose their jobs are quite likely people who haven’t kept up with the times.  For instance, as we move to the cloud, I may no longer need an in-house Exchange admin.

That’s the kind of job that is destined to soon disappear.

But COVID-19 has nothing to do with it.

It’s solely because IT changes, constantly.  And if you want to keep your job, you need to change with it.  You need to stay relevant.