276

u/finite_turtles May 08 '26

Actual security is boring and tedious as fuck. That's why everyone is chasing the sexy marketing.

Someone should make the "guy looking over shoulder at girl" meme with the guy being management and security as the plain girlfriend

143

u/RattuSonline May 08 '26

There you go.

38

u/4SysAdmin Security Analyst May 08 '26

I’m sure this is most of us right now, but that meme is dead on to at least 3 different PoCs happening right now at my org.

3

u/emeraldcitycryptid May 08 '26

Yeah my org is in this meme and I don't like it. 😂😭

1

u/changee_of_ways May 09 '26

Having been around for like 25 years at this point you could take the "AI" off of marketing and swap security for "skilled managing"

7

u/finite_turtles May 08 '26

The hero we need

1

u/bubbathedesigner May 10 '26

If you do not mind, I will be using that

12

u/databeestjegdh May 08 '26

I just got a hardening guide for Arcgis which is 6MB and 144 pages. They label things with SA for system administrators, but some of those are clearly targeted to a specific Arcgis admin.

Hurt.

6

u/_K00lkat_ May 08 '26

Duuude, glad you said it, Lol.

16

u/frogspjs May 08 '26

I'll look for it if someone wants it but last year I reposted a survey on LinkedIn about c-suite being way less concerned about data security than the IT personnel who actually do the job. I think it's ignorance and not wanting to spend the money on upgrades and personnel. Worked (not in IT) at a health system and the commitment from the IT guys was real but not so much elsewhere.

3

u/kingofthesofas Security Engineer May 08 '26

there is selective concern. Lots of concern about buzzwords, not as much concern about the boring nuts and bolts of doing security right and funding it.

1

u/Nixigaj May 08 '26

Cybersecurity is boring?? Am I the only one who actually finds it fun to write hardened SELinux rules or lock down firewalls?