Laid Off by Big Tech? Cybersecurity is a Smart Career Move – Security Intelligence

Laid Off by Big Tech? Cybersecurity is a Smart Career Move
Big technology companies are laying off staff as market conditions change.
The move follows a hiring blitz initially triggered by the uptick in pandemic-powered remote work — according to Bloomberg, businesses are now cutting jobs at a rate approaching that of early 2020. For example, in November 2022 alone, companies laid off more than 52,000 workers. Companies like Amazon and Meta also plan to let more than 10,000 staff members go over the next few years.
As noted by Stanford Graduate School of Business Professor Jeffrey Pfeffer, part of this push to cut positions stems from a bursting bubble of business valuations. Pfeffer makes it clear, however, that in many cases, the cause here is imitative behavior. When one company starts laying off staff, others follow in what he calls a “social contagion”.
Regardless of the underlying reason, many skilled IT professionals now find themselves out of a job. But it’s not all digital doom and gloom. There’s one tech sector that’s still struggling to find talented staff: Cybersecurity.
Here’s why making the move to infosec may be a smart career move for former big tech staff.
According to data from Cyber Seek, more than a million IT professionals are currently part of the cybersecurity workforce. This number has been steadily growing over the past few years. Despite the uptick, however, there are still more than 750,000 open cybersecurity positions across the country. In states such as Florida, Texas and California, there are anywhere between 25,000 and 83,000 job openings available.
The reason for this growing gap is simple: Cybersecurity threats are on the rise, and there aren’t enough skilled professionals to meet increasing demand. From the ongoing risks of ransomware to emerging attack vectors created by work-from-home policies and the adoption of anywhere, anytime resource access, companies now face a myriad of old and new threats that can quickly derail business operations.
For IT professionals recently laid off from big tech jobs, the move to cybersecurity can feel like a strange shift. Consider a software engineer or application developer out of a job and looking for new opportunities. They may bypass infosec openings simply because they’re not sure security would be a good fit.
They’re not wrong. While cybersecurity is on the same spectrum as other IT opportunities, it comes with a different approach. Conflict rather than consistency is at the heart of these protective positions. Despite its significant departure from other roles, it offers a unique opportunity for growth.
Put simply? Having an adversary fuels innovation. Instead of working on projects with a consistent path between point A and point B, cybersecurity staff must be ready to respond at a moment’s notice. Even as they’re busy implementing strategies and solutions to detect attackers earlier and mitigate malware impacts, they’re also the first line of defense against attacks in progress.
As a result, these roles aren’t for everyone but offer a compelling career choice for those looking to challenge themselves.
Cybersecurity-specific certifications and training can help staff stand out to recruiters and make the transition to new roles easier. But existing qualifications also play a role in helping IT professionals make the transition.
Consider a software engineer with two decades worth of experience who was recently laid off from their job. While their skill in coding, testing and revision may not seem immediately applicable to cybersecurity, they bring a unique set of benefits to the table.
Take the common example of a ransomware attack. Cybersecurity teams prepare for these attacks using a combination of threat intelligence solutions and incident detection tools that help shorten the time between attack and discovery. Over time, however, attackers learn — and grow. The existence of Ransomware-as-a-Service (RaaS) marketplaces showcases the commitment of malicious actors to collaborate when it benefits their ability to break down business defenses.
In practice, this means that existing controls may slowly begin to fail as attackers enhance their approach. Our laid-off software engineer, however, can compile new code in-house to boost existing solutions and frustrate attacker efforts.
Of course, it’s one thing to consider a move to cybersecurity. It’s another to take the plunge and start putting out applications.
One way to help streamline the shift is with certification-based training. Consider that of the more than one million currently employed cybersecurity professionals, 213,000 hold the CompTIA Security+ certification, and 94,000 have completed the Certified Information Systems Security Professional (CISSP) course. What’s more, 140,000 of the currently unfilled security positions are asking for CISSP, while 100,000 want CompTIA Security+ completion.
Not only do courses such as Security+ offer a great introduction to cybersecurity processes and priorities, but they also pave the way for advancement within new organizations. What’s more, many of these certification options are now available as online, self-paced courses that let IT professionals decide how and when they learn best.
Another option for laid-off tech staff is applying for positions that include paid training to get them up to speed. A quick query of the job search site Simply Hired turns up more than 600 positions that don’t require previous cybersecurity experience and provide paid training.
Undoubtedly layoffs will stabilize and IT hiring will eventually begin again in earnest. However, this is cold comfort for technology professionals who find themselves facing the unpleasant reality of possible unemployment.
As one digital door closes, however, another opens. And strangely enough, it’s one that sees technology experts finding ways to keep network doors shut tight against potential attackers. Although the move to cybersecurity isn’t for everyone, the skills acquired in previous positions combined with the compelling task of adapting to an adversary’s movements make this lateral shift a great way for IT pros to capitalize on current strengths and build new skill sets that set them up for ongoing career stability.
4 min readAs with many other aspects of life and business, 2022 held fewer overall surprises in cybersecurity than in recent years — thank goodness. Instead, many trends brewing over the past few years began to take clearer form. Some were unexpected,…
3 min readQuantum computing capabilities are already impacting your organization. While data encryption and operational disruption have long troubled Chief Information Security Officers (CISOs), the threat posed by emerging quantum computing capabilities is far more profound and immediate. Indeed, quantum computing poses…
5 min readThis post was made possible through the contributions of James Kainth, Joseph Lozowski, and Philip Pedersen. In November 2022, during an incident investigation involving a self-checkout point-of-sale (POS) system in Europe, IBM Security X-Force identified a novel technique employed by…
Quantum computing capabilities are already impacting your organization. While data encryption and operational disruption have long troubled Chief Information Security Officers (CISOs), the threat posed by emerging quantum computing capabilities is far more profound and immediate. Indeed, quantum computing poses an existential risk to the classical encryption protocols that enable virtually all digital transactions. Over the next several years, widespread data encryption mechanisms, such as public-key cryptography (PKC), could become vulnerable. Any classically encrypted communication could be wiretapped and is…
With the shortage of qualified tech professionals in the cybersecurity industry and increasing demand for trained experts, it can take time to find the right candidate with the necessary skill set. However, while searching for specific technical skill sets, many professionals in other industries may be an excellent fit for transitioning into a cybersecurity team. In fact, considering their unique, specialized skill sets, some roles are a better match than what is traditionally expected of a cybersecurity professional. This article…
There’s good news, and there’s bad news. The good news is that the number of cybersecurity professionals has reached an all-time high. According to (ISC)2’s annual Cybersecurity Workforce Study, 4.7 million people currently work in a security-related job. The bad news: the study also found a worldwide gap of 3.4 million cybersecurity workers. 70% of those surveyed also said they think their organization’s security team is understaffed, decreasing its effectiveness. As cyberattacks grow increasingly sophisticated and threat landscapes expand, organizations…
In March of 2022, a new federal law was adopted: the Cyber Incident Reporting Critical Infrastructure Act (CIRCIA). This new legislation focuses on reporting requirements related to cybersecurity incidents and ransomware payments. The key takeaway: covered entities in critical infrastructure will now be required to report incidents and payments within specified time frames to the Cybersecurity and Infrastructure Security Agency (CISA). These new requirements will change how CISOs handle cyber incidents for the foreseeable future. As a result, CISOs must…
Analysis and insights from hundreds of the brightest minds in the cybersecurity industry to help you prove compliance, grow business and stop threats.



Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top

Adblock Detected

Please consider supporting us by disabling your ad blocker

Refresh Page