My sense is orgs are correcting now from the over-hiring they did a few years ago. Our InfoSec department blew up over the last 5 years as did many corporations but the problem is in the boom you had, for lack of a better way to put it, a lot of morons snuck in under the auspices of “I took a course I’m a security engineer!”
Now corporations are moving on to risk mitigation which is a completely different skillset.
My sense is orgs are correcting now from the over-hiring they did a few years ago. Our InfoSec department blew up over the last 5 years as did many corporations but the problem is in the boom you had, for lack of a better way to put it, a lot of morons snuck in under the auspices of “I took a course I’m a security engineer!”
Now corporations are moving on to risk mitigation which is a completely different skillset.