“Splitting up responsibilities and taking my fair share rather than simply assigning tasks and ‘managing’ has worked for me more often than not.”
Jeff has more than 38 years of experience working in numerous areas and roles of information security within the Department of Defense and later the private sector. He is a certified NSA cryptanalyst and previously held security research, management, and product development roles with the NSA and was part of its first penetration testing “red team.” For the past 24 years, he has been a pen tester, security architect, consultant, QSA, and PCI SME, providing consulting and advisory services to many of the nation's best-known companies. Currently he is a senior consultant/advisor for Online Business Systems, a co-host of Paul's Security Weekly, and a host of Security & Compliance Weekly.
Do you believe there is a massive shortage of career cybersecurity professionals?
Well, I wouldn't call it massive, but I do see several problems. First, there is the problem of defining what constitutes a career in this profession. Second, there is the paradox that in most organizations there is an ongoing effort to automate security and the constant quest for “silver bullet” solutions that do all the security work seamlessly and transparently so that nobody has to think about ...