Living in the IT Bubble: The Perils and The Perspective

Joao Correia

July 31, 2023 - Technical Evangelist

As we find ourselves amidst the height of summer, also fondly known as the IT industry’s silly season, things have noticeably slowed down. Half-strength teams echo through the usually bustling office spaces, and our ordinarily reclusive techies have temporarily traded their server rooms for seaside retreats. Some have even been spotted venturing into that mythic land known as ‘na-tu-re’. With the quieter pace, it’s an ideal time for us to step back, breathe, and contemplate the larger issues at hand.

A persistent quandary that intrigues me, especially during these quiet intervals, is a seemingly innocuous one. It’s something that we don’t often notice, but it can explain why even in an era of rapid technological evolution and groundbreaking software, employees continue to fall for age-old scams like the latest rendition of the Nigerian prince in distress, who promises generous interest if only you could lend him some ‘American pesos.’ The underlying reason? We’re all living in a bubble.

This bubble is not a dome, nor is it a silo, but it keeps us locked in just the same. It’s an IT bubble, a bubble that shapes our worldview and leads us to assume that everyone shares the same level of knowledge and understanding of IT and cybersecurity. This presumption is, unfortunately, a dangerous one.

This fallacy under which we operate each day perpetuates a false narrative: “everyone should know better than to fall for that scam”, “a corporate network cannot possibly be breached”, or “hacks are just Hollywood fantasy”. So, how did we get here? And what does it imply?

Most IT professionals, especially those of us who developed an interest in the field early on, can attest to feeling a sense of exclusivity. At a time when it was rare to find people with shared interests, we formed small circles where we indulged in computer talk, distancing those who didn’t grasp or value the topic. Back then, it was easy to acknowledge the existence of our bubble. The “nerd” or “geek” labels bluntly drove the point home.

However, this changes once you start working professionally in IT. Your tiny circle rapidly expands, especially if you attend industry events, conferences, and presentations. This expansion gradually blurs the boundaries of the bubble until we forget it’s there.

So, why is this a problem? The bubble’s existence leads us to overlook a startling reality: most companies do not have dedicated IT teams. Their cybersecurity knowledge is subpar compared to what we, as IT professionals, discuss with our peers. This insular bubble blinds us to the world where botnets, scams, phishing attempts, and other low-hanging threats exist.

You might be wondering, “How does this concern me or my company? We have a proficient ops team, a diligent blue team, and ample budget for new solutions”. The answer lies in the sheer numbers. The more companies lack proper cybersecurity, the greater the number of systems and resources can be compromised, posing an indirect threat to your organization.

Therefore, this summer, as you sip on your mojito poolside, take a moment away from tech Twitter. Pick up an industry journal – any industry, any journal – and observe the IT-related discussions from a non-IT perspective. It could be about protecting industrial equipment, upgrading legacy systems, connecting inventory to accounting systems, or setting up a website.

Understanding the broader landscape outside our bubble is vital, and realizing that companies are mostly still struggling with the basics makes it far, far easier to realize why we won’t solve cybersecurity any time soon.

So, let’s embrace this summer season not only as a chance to recharge but also as an opportunity to peer out of our bubble, broaden our perspectives, and build a more holistic understanding of the IT world we are part of.

Summary