What Does it Mean to Work in IT and Cybersecurity?
It’s an exciting time to be working in IT and Cybersecurity. According to gov.uk, UK tech investment grew 2.3x in 2021, the highest growth since 2014. But thinking back a long time, way before my life in IT, I would often wonder what was going on behind the scenes. So I’m glad to get the opportunity to big up some of the specifics of what we do, and lift the lid a little for those out with IT who also might be wondering…
IT and Cybersecurity Specialisations
IT departments can be sprawling – and in many organisations, formally split into a dizzying range of specialisations. For example, it’s common to have specific teams for helpdesk, networking, servers, apps/software, web dev, cybersecurity… the list goes on.
These can further be divided into “fixing existing things” and “developing new things” (there is a big difference!). For smaller organisations, many of these functions may be shared or outsourced, but all the same, still critical parts of the business that need time and attention.
And then don’t forget the management team, devising the wider strategy, and working with the rest of the business to put “digital first”. To the uninitiated, this might be a surprisingly broad range of specialisations!
Looking after Servers
Take, for example, the team who looks after servers. Servers are simply heavy-duty PCs providing certain functionalities, often on a grand scale. So when you log in to a work laptop, your account information is stored privately and safely on a server, somehow, somewhere. Servers are also commonly used for sharing data, or hosting webpages, or hosting “web apps”.
To complicate matters further, servers increasingly are based “in the cloud” as opposed to the more traditional “on-premise” big, noisy, server rooms. There are all sorts of benefits to this approach but it adds further technical overhead to those in IT overseeing things.
Another example – particularly pertinent in the last few years – if you have ever experienced working from home it would’ve been technology put in place by network specialists, in conjunction with other teams like server teams, apps and the helpdesk, to ensure you have access to the software, and that you know how to use it.
Off the back of this, from a security point of view, we need to think carefully about what data is being accessed on what devices? Are the devices secure, encrypted, and patched up to date? What is the nature of the data?
When you think about it, the entire backbone of many businesses is built on data, IT and tech – whether that’s inventory databases, websites and UI (user interface), media, or simply whatever form of data is held. The list is not only varied and comprehensive but it asks for significant technical knowledge and experience to be able to manage it all, hence the wide and varied specialisations within the department.
In terms of “what does it mean to work in IT” – truly much of the job satisfaction comes from the idea that strategic IT decisions made within these specialized teams, resonate throughout the rest of the business. Whether that’s hardware purchased for staff, the technical infrastructure behind your network connection, how you access data, or how secure your laptop is from cybercrime – all of these decisions are being painstakingly considered, reconsidered and improved to benefit the entire business.
And it’s why the “digital first” approach is ubiquitous in mission statements and annual reports, but this should also be considered “digital security first”.
For example, here at ZynQ 360, with our software platform, we’re constantly scrutinizing current security trends. We utilize 3rd parties to perform security monthly penetration-testing to further ensure our security posture is as robust as possible.
Day-to-day it makes for a varied and interesting life – as the cliché goes, no two days are the same. One moment it can be running data backups or restores, purchasing and maintaining high-spec rendering workstations, to affecting cybersecurity policies, or working closely with business staff to ensure they’re able to do an excellent job.
IT and Cybersecurity
As a further example of this variety, last month I attended a Cybersecurity event hosted by CeeD (Centre for Engineering, Education and Development) – an excellent opportunity to be introduced to those in similar roles in other companies here in Aberdeen. Cybersecurity especially is a collaborative effort – not just internally, working with those in your own organisation, but also taking in and sharing information and best practices with like-minded peers around you.
Things can happen very quickly in Cybersecurity. Just at the turn of the year, there was an incident (known in IT circles as the Log4Shell vulnerability) which – if not dealt with correctly – could grant cybercriminals easy access to company networks and was described as “the most critical vulnerability of the last decade”. These vulnerabilities need to be patched immediately and require quick acquiescence from the rest of the business. It’s at events like the one hosted by CeeD where we’re able to compare and reflect on our preparations for these kinds of incidents.
So, to summarise – working in IT and Cybersecurity is varied, fast-moving, influential on the business, and most of all, great fun.