Threads: security, security jobs searchers, the time to 'build an ark or bunker' and why we just shake our heads and smile ;-) :-D

Over the years, it has become apparent that like the road to hell, security efforts are built on good intentions.

But like the road to hell,, filled with the wreckage of good intentions, crashes of 'secure systems, bubble gum patches that either blow out quickly or harden into thorns or daggers pointed into those systems or like infected bandages introduce infection through constant rubbing and chafing and blistering from that crusty old bandage that was never removed or replaced. Imagine a tire with patch after patch on the same hole resulting in a huge and ever growing bump/tumor,,,, how long can that tire roll without tearing the tire or the vehicle apart? ;) :D

If ya think ahm keeding, Meltdown and Spectre and Super Mirai and moar of that Nitro Zeus ilk to come (dare you to stand in front of a mirror and close your eyes and say "Nitro Zeus" three times in a row,,,, when you open yer eyes, do you see how silly you look? :D )

I could go into how little one gets by applying simple tactical cultural measures like firewalls phishing training, hunt groups,,, etc... but why nboher? ;)

No one is going to listen or just as likely, they don't know what else they can do or what they should do. ;) I'm not upset/crying/whining about it. People will do what they do,,, like driving a truck into a flooded street,,, or climbing down into a rock face that hey can't get back up, or taking a curve at too high a speed or other "sounded good at tthe time" lapse of judgement/not thinking through the consequences and/or short term thinking. We just kinda nod and if called in, offer some positive way forward. :)

But please don't cry about the bunker ya didn't build,, strong enough or enough of orf in the wrong places when the missiles are in the air or about to impact,,, :-o :-P

The current state of cyber security is like when people start to realise that their main chute has candled or 'mrilyn monroe'c or mae wested',,, if they've got a reserve ready to go after cut away. ;)

Thread II - We get our fair share of resumes,,,, and we're kinda wondering from talks,,, who are hiring,,,, the companies and outfits that hire us,,, or security product vendors? Anecdotally, it seems many companies in need are waffling on hire of internal people as well as preferring to outsource,,,,, ut this can make it difficult for many interested in security jobs/security job seekers to get a 'good' job or even a job. :D

Thread III - The rains have started, winter is here,, the time to build an ark and to run your lifeboat drills and sauve qui peut and man oberbnoard drills and underwater casualty and fire on deck drills and training and measures is before you have those casualties,,,, not during and not after,,, after all a hundred wight of readiness is worth several tonnes of cure as well as being much more cost effective and operationally survivable,,, but hen what do we know,,, :D

Oh you have water tight integrity and design architecture you say? Would that be 'Titanic' level waterproof or something netter than posting statements in a paper? ;) :D