The title of cybersecurity engineer has always intrigued me because it holds different meanings depending on where you work. In one company, you might be configuring firewalls, while in another, you could be handling GRC (Governance, Risk, and Compliance). However, for Ross Anderson:
“Security engineering is mainly about building systems that remain dependable in the face of malice, error, and mischance.”
The cybersecurity landscape is continually evolving, marked by escalating threats such as ransomware attacks and data breaches. The rise of artificial intelligence has intensified these threats, causing them to emerge at an unprecedented pace. Therefore, as a discipline, cybersecurity must align more closely with Ross Anderson’s definition, which emphasizes the importance of focusing on the tools, processes, and methods necessary to design, implement, and test comprehensive systems. Additionally, it is crucial to adapt existing systems as their environments change.
In simpler terms, our role as cybersecurity engineers is to ensure that the environment we work in can function in the face of malicious attacks and is resistant to them. This means it’s not only about security-focused solutions like firewalls, EDRs (e.g., detecting malware on endpoints), and SIEMs (e.g., monitoring and analyzing security data) but also involves every action, resource, or asset that exists in that environment.
For now we are still far from that but a big change is coming.