Cybersecurity Is JAR

Photo by ThisIsEngineering from Pexels

I lead a sizable cybersecurity engineering organization for large defense contractor.

A common discussion topic within the organization relates to the idea that cybersecurity, as an engineering domain, is different from other traditional domains like systems engineering and software engineering.

We are not.

Everything we do in the course of our work, has a similar practice in those other domains.

The threat based assessments we do, is very similar to the safety hazard analysis safety engineers do; or the failure modes and effects analysis that reliability engineers do.

Pen testing is another form of stress testing or environmental testing that test engineers do.

Our biggest challenge culturally, is getting these other engineering domains to accept this validity of this idea.

Unfortunately, when we try and create distinctions, either culturally or organizationally, from those core engineering domains — we simply pour fuel on the fire we want to put out.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Greg Sweeney

Greg Sweeney


Leader. Futurist. Father. Veteran. I write mostly about the trends and issues facing the cyber ecosystem, leadership, and workforce strategies.