The reason we're consistently seeing increasing frequency of data breaches isn't because bad guys are getting smarter. It's because the never-ending list of required skills that recruiters and companies are asking for is resulting in hiring less competent people to fill these roles. Workers are increasingly pressured to have an unrealistically broad skillset to get hired. The trade off is that skillset is extremely shallow and the resulting products have attack vectors hanging off it all over the place.

@jonw Not sure about less competent, but definitely stretched further. One person for 'full stack development and engineering' is asking one person to do the work of a team (echoing a recent sentiment from a friend)

@jonw don't forget that no one wants to hire juniors or pay for actual training, cuz, oh it's okay if you don't know all 90 of these technologies like the back of your hand, you can learn on the job

@hirojin @jonw learning during the job can sometimes be okay, but it really depends on whom you're surrounded with. And of course how deep the water they throw you in.

@jonw I would also argue that there's also a risk calculous involved. It's cheaper to move fast, hire cheaply and pay for a possible settlement after a breach than hiring a regular sec team or conducting internal audits. A settlement *could* happen, and *could* cost the company losses (which have tax incentives if you go into the red in the US) but an audit and a sec team *will* cost money.

@jonw as a tech worker with a broad but shallow field of expertise I'd say overspecialization is in fashion rather than ability to learn and adapt. I've seen ads with experience requirements in <insert js framework here> longer than said framework's age 😒

@jonw you mentioned it but as someone on the other end of the problem, sometime trying to enter the workforce with a skill I've been trained on, the problem of corporate employers having unrealistic standards is everywhere. There is no entry level anymore. Every employer wants a worker that is already trained on everything that they could possibly encounter. The younger generation, the generation currently entering the workforce after finishing high school or college, is almost completely locked out of the work force in terms of skilled jobs.

And any skilled job that we [my generation going into the workforce] are able to get, we're massively underpaid for, because the employers know we have no other options.

This is what wage slavery looks like.

Sign in to participate in the conversation

A bunch of technomancers in the fediverse. Keep it fairly clean please. This arcology is for all who wash up upon it's digital shore.