Ten years, how time flies.

Ten years, a decade, it’s a very long time, and yet passes in the blink of an eye. I joined Tenable ten years ago, and somehow they have not tired of me yet. I had known Ron Gula and Jack Huffard for a few years before I joined, we had tried to find a fit for me at Tenable a few times before, but in 2011 Astaro was being acquired and we decided that...

Jun 2021

Finally, the results of the employer support survey

 Delayed by holidays and the madness of the past month, but here it is.First, the very short summary: most of us in the security realm are pretty lucky to be where we are during the pandemic. Most of us have employers who have been at least somewhat supportive and flexible as we deal with the pandemic and its impact on our lives.Most, but not all, had...

Jan 2021

Are you getting the support you need?

 The second survey is now live, this one is an inquiry into how, and how well, employers are supporting their employees during the pandemic. Anecdotally, I've heard great things about many companies, and sadly some not great things about others. Please take a few minutes, take the survey, and share with others.Answers are anonymous, highlights and details...

Dec 2020

Quotable Quotes

Today I'll share a few of the quotes received in the comments section of the survey. Let's start with this commentary on PhD and advanced degrees: "A PhD is a full-time job, not an extension to college/school. During my PhD I've published more papers, gotten more patents & more press coverage, and generally contributed more code, tools, and know-how...

Apr 2020

And here's the raw data

As promised, here are the raw data files as of the weekend, somewhat cleaned up: Here's the .xlsx version: https://1drv.ms/x/s!ADU9TlQrSzm4h8cc And here's a .csv https://1drv.ms/u/s!ADU9TlQrSzm4h8cd If you play with the data and decide to do anything with it, please let me know so I can share it here and elsewhere. The survey is still open at...

Mar 2020

A few more numbers, and a "that's interesting" or two

Of the 61 respondents who ID as female: 89% have a degree, 11% do not. Compared to the 359 who ID as male: 72% have a degree, 28% do not. Age/degree breakdowns: Under 26, 21 respondents, 43% no degree, 57% degree 26-35, 92 respondents, 24/76% no/yes degree 36-45, 168 respondents, 27/73% no/yes degree 46-55, 121 respondents, 26/74%...

Mar 2020

Initial Survey Demographics

Here are some initial demographics from the survey. Out of 416 respondents thus far (the survey is still open) results are: Age ranges: 21 are 25 and under (20% of these identify as female) 84 are 26-35 (21% female) 163 are 36-45 (14% female) 113 are 46-55 (10% female) 34 are 56 and over (36% female) Gender: 60 female 341...

Mar 2020

Certifications and self-study

Let's take a quick look at some non-degree data, certifications and self study:What security certifications have you earned (current and/or lapsed)? Please add certs not listed under “Other”.Which non-security certifications have you earned (current or lapsed)? Please add certs not listed under “Other”.Have you done any of the following self-study or...

Mar 2020

Well, it says a lot of things, and as expected it answers some questions and asks more. First, thank you to everyone who completed the survey and shared it, there are over 400 responses so far and I plan on leaving it open for a few more weeks. I will hold off on sharing my interpretations and opinions, I just want to share some data for now. And yes, raw data will be available as a .CSV in coming weeks, I just want to gather more answers and sanitize it before sharing publicly. Also, thanks to Jay Jacobs of the Cyentia Institute, he has done some data visualization work on the initial data. The first question was "Do you currently work in a security role? (A role where security is the primary focus, whether defensive or offensive: Red team, pentester, SOC analyst, Incident Response, security admin, security support, etc.)" Question two is "What is the highest level of formal education you have achieved?" And here Jay has compared the first two questions: And jumping ahead, question nine is: "If you are a recruiter or hiring manager, do you require degrees for candidates in infosec/cybersecurity roles?" More to come later this week. Note: this post is cross-posted from the project website at https://www.careerstudy.org/

Well, it says a lot of things, and as expected it answers some questions and asks more. First, thank you to everyone who completed the survey and shared it, there are over 400 responses so far and I plan on leaving it open for a few more weeks. I will hold off on sharing my interpretations and opinions, I just want to share some data for now. And yes,...

Mar 2020

Survey on degrees and education in cybersecurity

I have started a new project to gather information on career topics in information/cyber security. I'm launching with a simple survey on degrees and education in the field. It should take no more than 5-10 minutes to complete, the survey has 14 to 18 questions including optional demographic questions, plus optional additional information and feedback...

Mar 2020