top | item 28639813

(no title)

charlchi | 4 years ago

If companies respected and paid platform/architecture engineers, or SecOps/SysAdmin types fair amounts of money and treated them with respect, instead of just throwing more and more money at hordes of mindless devs who are "pushing product", as virtually every single company does, maybe this problem wouldn't exist.

I've had this conversation too many times. Security isn't hard, it's just that nobody has respect for it. The guy who understands software security isn't getting the respect he deserves. The situation is so bad, some companies are literally hiring people who know the equivalent of script kiddie "penetration-testing".

Pay security engineers enough and listen very carefully to what they have to say. Literally the only companies who seem to understand this basic concept seem to be the intelligence agencies, and a few other high profile companies.

discuss

No comments yet.