1. Companies lay off their infosec staff to save money and drive down salaries.
2. Consultancies hire those infosec staff.
3. Companies without infosec staff accumulate security debt until they're owned.
4. Companies pay significantly to consultancies to get their stuff unfucked.
5. Companies start opening high-paying infosec positions to lure infosec staff away from consultancies.
6. Infosec gets tired of consulting bullshit, migrates back to companies.
7. Repeat.

@rabbit

Centralized vs decentralized compute.

On-prem vs hybrid vs cloud.

In-house vs contract vs offshore talent.

Monolithic app vs containerized stack vs 'cloud functions'.

Hire for the future vs cut anyone who's not overtasked.

Work towards the company goals vs micromanage every task and account for every minute spent.

No meetings vs all the meetings.

These cycles play out all the time.
I've come to believe they're unavoidable.
They happen at the team, company, business niche, industry, macroeconomy, and global levels.

Management thinks in impatient, broad-brush, sweeping generalizations, with very binary decision making. It's especially bad at upper levels.
They can't see that mid-points are often better than extremes. They can't leave well enough alone, and feel they're being decisive by saying things like "let's fire half our developers today".

I suspect it stems from sexual insecurities. But I'm not a psychologist, so this does not constitute a diagnosis.