• Vqhm@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    edit-2
    10 months ago

    I feel that engineer is shoehorned into a lot of job titles nowadays… But I also now work in software engineering. I have a degree in CS as well as degrees and certs in cybersecurity.

    Should I need to be licensed by the State to discuss the lack of cybersecurity in systems?

    If anything, my studies, and application of project management pay more benefits than my CS certifications and degrees. SMEs really lack the ability to explain to management how it costs more to screw around and half ass some fantastic plan than to, you know, just get minimum viable product going then integrate improvements.

    Previously I worked with aircraft where safety is written in blood. Yet in software dev I still have a hard time convincing people to provide a software bill of materials even though it’s required. It’s still the wild west. Even when DHS Secretary Alejandro Mayorkas termed “killware” only a few took notice.

    I guess what I’m saying is that we care more about Netflix uptime than we care about if water treatment plants or infrastructure that could literally kill people if it fails insecure.

    The problem is qualified people already built a lot of the systems that are either no longer secure or no longer up to the task post IoT and climate change. How do we admit that qualifications aren’t the problem? The problem is lack of continued penetration, stress, fail safe, or regression testing!