I Don't Like Cybersecurity Degrees #programming #coding #lowcode

"a little bit about everything" isn't that just a normal CS degree?

yugalkhanal

To be fair, bachelors degrees are very broad and shallow in general. It's masters degrees and above where you actually specialize in something.

LazarusBell

"a little bit of everything" describes literally every technical degree (engineering, medical, computer science etc). The only time anybody expects someone to walk out of university as a subject matter expert of some aspect of a subject is when they walk away with a PHD. Employers want to see you understand the basics and have the capacity to learn concepts related to your degree and grow into a sme

john

My boss told me something along the lines of "you don't have to be the best in everything, you just have to know when something is bad. If you can't do it better, then you can always find someone who can"

So find someone who knows a bit of everything and teach them how to lead a team, because it's always going to be a team effort.

cmajesty

All bachelors degrees are a “congratulations you know a little bit of everything”. Every single one of them. There is no bachelors degree for IoT or embedded systems. There is degrees for software engineering or IT. Only generic concepts.

It’s the masters where you have to pick an area and specialise in it yourself while working through your thesis. You become your own expert by working on a project you selected for several months.

MyNameIsSalo

This is a bad take. A degree does not, ever, in any field, indicate that you know everything in that field.

TheSavannahbug

A counterpoint: I'd rather hire someone with a little bit of knowledge of everything, a knack for conducting good web searches, and the humility to go "actually, I don't know that offhand, let me look it up." That last one is a rare trait.

CFSworks

To be a jack of all trades, but a master of one I think is the best way to do anything in IT. Everything touches everything else so it's good to have an overview of more than just your chosen specialized niche.

nathanielmoore

I work cybersecurity. There has been an influx of Cyber degree holders with comptia certs who have zero interest in the field, zero interest improving the organization. Considering leaving the field altogether

Katsumato

In my opinion this take is wrong. Almost any field of study is general at first to give an overview, to be able to talk to each other, get the connections between the fields and figure out what interests you. Later on in the studies, you specialize in a field and then become a specialist in that field. Asking to know all details about everything is just the wrong expectation from your end - that is not the goal and never has been. A medical doctor also specialize and noone expects a specialist for eyes to be able to perform heart sugeries.

BouncingCow

I disagree completely with this take. You're overloading the word "professional". By this argument, no one can be a professional engineer, professional mathematician, professional physician, professional physicist, professional lawyer etc. That's just silly. You become a professional in a field by having enough knowledge, experience, and skills to get paid for labor or works done in that field. That's it. At a certain level of depth and complexity, just being able to get a handle on a single problem in the field is good enough to make you an expert. That's why every complex field of knowledge has specializations, like being a mathematician, engineer, doctor, or lawyer, or hell even a computer scientist these days. This is just one massive L take.

carljones

It's also not about the degree. Job descriptions and the whole application process are often trying to filter for "rockstars" who at least sell themselves as experts at everything, because if they don't, someone else who does sell themselves better actually gets the job.

AnimaLepton

I feel in cybersecurity the most important things are to be analytical, curious, and slightly paranoid. Finding an outside hobby away from computers is important as well so you don’t burn out.

Blacksheep-ikgx

My friend is in school for cybersecurity. A good chunk of the degree is fluently explaining to corporate how and why IT security is important, and quantifying cost-benefits of fixing security issues.

patx

Also lets not forget that a lot of classes in cybersecurity is stuff like: dont pass user input into this sql query .

Binary exploitation, getting RCE out of a vuln, fuzzing, etc... Is never touched upon.

Marco-uoww

Useless ranting.

The primary "issue" is that college is about academic study, not job training. And it has absolutely zero to do with the topic.

There's almost no reason for an academic degree in cyber security, UNLESS you are going to make it a multi-discipline program that aims to educate about human behavior and thinking, the nature of security (in general), how computer can promote or hinder security, and so on.

jnharton

I don't agree at all. A generalist will catch a lot more of the obvious flaws like SQL injections, XSS, not salting and hashing passwords when you store them, etc. Those are all the basic of the basic. If your company doesn't have anyone with security basics, there's going to be so many holes for a new-grad generalist to fill. If that's not the case, a generalist will at least be able to cover whichever parts you need more people on.

ejun

Cyber sec professional here, you absolutely dont need this

kenners

I think you are discounting the true value of generalists who can specialize. There are not many of us out there, but there are some of us. The only real bulwarks to our knowledge is just what we are interested in at any given time.

askholia

As a Junior PenTester who recently graduated with a CIS: Cybersecurity degree, I'd say it's better to become a Subject Matter Expert (SME) in a certain pillar of cybersecurity such as web applications or cloud (just an example, like he says it's necessary to have a base level of knowledge in everything almost lol)

forged