Cybersecurity goes to seminary
There is a noticeable trend of people declaring themselves a “Cybersecurity Evangelist” A search of the term on LinkedIn finds over 38,000 people who claim security evangelism as part of their job title or description. However, a search of leading job boards finds only a scant listing of advertised positions. In fact, a search for “Cybersecurity Evangelist” jobs on LinkedIn reveals zero exact titles. The same search on Indeed returns only 84 available positions, and most are a hit for the Evangelist part rather than the Cybersecurity. Remarkably, upwards of 38,000 people somehow have obtained a title that does not seem to be a hirable position. What exactly is this role and what do those currently employed as it do? Even more importantly, what are the qualifications to be a Cybersecurity Evangelist? I set out to learn the answers to those questions since I might actually be an evangelist and just don't know it.
The most obvious qualification to be a Cybersecurity Evangelist, at least based on LinkedIn profiles, is you absolutely must be a super-serious person. Obviously, it is a position not to be taken lightly and only the most confident and steely souls should enlist.
The Merriam-Webster dictionary defines an Evangelist as a person who tries to convince people to become a Christian or someone who talks about something with great enthusiasm. Easton's Bible Dictionary defines the term as a preacher who has neither the authority of an apostle nor the responsibility of pastoral supervision.
So, we have an itinerant preacher who does not have the divine authority or managerial responsibility but does have the enthusiasm to deliver the good message.
Translating that into the realm of business: a person without disciplinary authority or managerial oversight but with superior knowledge of a subject and a drive to share that knowledge with others within the organization.
Should this not be every person involved in the security industry be it cyber or physical? Constantly learning, securing expertise in the field and then sharing it with others. Going to door to door, office to office, and cubicle to cubicle, in an effort to educate system users on best practices and procedures that need to be followed to kept the business safe. Sharing the security gospel. Praying for network health and the souls of insider threats.
Prayer is probably just as effective as the overpriced security software your about to purchase.
I might be a Cybersecurity Evangelist already. I have a breadth of knowledge concerning the Internet and Security. A firm grasp on how criminals use technology to commit a crime and victimize both persons and businesses. I love to share my knowledge and will do so anywhere someone will give me ten minutes of their attention. And most certainly, I have no authority or managerial responsibility.
I once heard someone humorously ask “What makes someone an expert? Because they say they are!” That is a tongue in cheek response to many so-called experts ego and bravado, but there is also a dose of truth in that assertion. What is an expert? Who gets to claim they are one? What authority has the power to say you are not?
Who gets to claim to be a Cybersecurity Evangelist? Who decides they cannot?
There does not seem to be any governing body to issue the title. There is no guild, board, membership committee, or even industry-recognized certification. In fact, there is not even an accepted list of job requirements. It is a title with an impressive connotation but little interpretation.
Maybe I'll spice up my LinkedIn profile. Everyone else is and it seems there is no one to tell me I can't.