“I do not believe that groups of people make decisions—people make decisions.”

Twitter: @armorguy • Website: www.linkedin.com/in/martinjfisher

Martin Fisher is a 20-year information security veteran who has worked in the commercial aviation, finance, and healthcare delivery industries. He was a founding host of the award-winning Southern Fried Security Podcast for 10 years, has appeared on NPR's “Science Friday with Ira Fladow,” and has spoken internationally on a variety of information security topics. He has led a variety of teams through significant transformations and helped create high-performing teams of engaged and effective security professionals.

Do you believe there is a massive shortage of career cybersecurity professionals?

Yes, there is.

That said, I don't think cranking out 60,000+ new CISSPs is going to fix the real underlying problem. That problem is that our current generation of security technologies hasn't matured to the point where we can reliably automate responses across all environments. I think the current focus on creating mills where we turn people into “security professionals” is an almost decent bandage to the problem, but we're ignoring the fact that we need to better integrate security into all aspects of IT operations. Let's be honest—security operations is a subset of IT operations, and the sooner we realize that and develop/adopt ...