Why are former military folks disproportionately represented in cybersecurity?

2.2k views3 Upvotes17 Comments

CTO in Software, 11 - 50 employees
I was former military and when I exited at 22, I started to explore cybersecurity while it was still an emerging field. There is sort of a revolving door between the cybersecurity sector, the defense space and the financial sector as they all revolve around risk. And it’s because we all recognize that it's no-nonsense and by reputation. I know that if I reach out to a buddy of mine who served, there is this peerage that I can tap into. There is parity that exists between the two of us because they know I'm not going to let them down and vice versa. When you make a connection that way, it's much more robust because there is implicit trust.
CISO in Software, 10,001+ employees
I am not sure I would completely agree as many high tech companies like Oracle and Microsoft are very active and aggressive in recruiting veterans.  Disclosure: I am a veteran myself and very active and promoting this program to help both former military as well as helping companies fill the gaps in cybersecurity talent availability.


and our public MAVEN (veteran podcast):  https://www.audible.com/pd/MAVEN-Podcast/B09X6H89TSaction_code=ASSGB149080119000H&share_location=pdp&shareTest=TestShare

CISO in Software, 201 - 500 employees
Perhaps because the disciplines are very similar. Starting with the mindset & personal traits (resilience, willingness to face the unknowns, understanding that it is both a psychological and technical discipline) all the way to the ability to prepare your organization for the future conflict before it even becomes a "clear and present danger" – and knowing how to leverage your training efficiently when an incident occurs. 
Director, Strategic Security Initiatives in Software, 10,001+ employees
Not sure if that's the case. We have Security teams with the right balance of former military folks.
Director, Information Security in Education, 1,001 - 5,000 employees
Disclaimer: I've got no history, direct or associated with the armed forced

The US military (like most large, modernized militaries) puts lots of resources into cyber capabilities so there are a lot of folks who've gotten security specific training while enlisted.  Many already have the security clearances + benefits of veteran hiring programs to get their foot in the door.  Also, an aspect that isn't directly related to cyber security in terms of the military, but threat modeling & management as well as collecting and utilizing intelligence are are skills that can quickly be translated to proficiency in infosec.   

It's a combination of possible training by the military, skillsets associated with the military, and aspects of prior service that make it easier to enter the security field compared to someone with no related experience.
Director, Information Security Engineering and Operations in Manufacturing, 5,001 - 10,000 employees
Are you saying that there are more military personnel represented in cybersecurity, or that there are fewer? It's hard to figure out from the question which position you're taking.
I would say that regardless, the two disciplines are very similar in that they are about protection. Whether it's IT assets or protecting your country the mentality is similar.

1 1 Reply
Director, Information Security in Education, 1,001 - 5,000 employees

This is a good point and wasn’t something I picked up on reading initially. Going off personal experience I assumed it about representation higher than the general population, most replies have seem to done the same. However this could also be something specific to the US and a handful of other countries while being completely inverted elsewhere.

I’d be curious about the perspective and the why of places where they’re underrepresented

Director, Security Operations in Telecommunication, 501 - 1,000 employees
As a former US military member, "cybersecurity" didn't exist when I left the military, however, I did get involved in emerging "information security" not too long after I entered the private sector.  I think that the inherit nature of the military, which includes things like OPSEC, COMSEC, INTSEC, etc. forms a good basis for foundation security of any kind.  This coupled with (this may surprise a lot of non-ex-military), the advance state of technology within the military and the stringent rules (and enforcement to follow these rules) sets the stage for what we see today from a "representation" standpoint.
Associate Vice President, Information Technology & CISO in Education, 1,001 - 5,000 employees
I sit on the board of a largely recognized Canadian University that offers an accelerated cybersecurity program. Several of the board members have indicated that some of their best cybersecurity hires do indeed come from veterans / former military personnel.

There are many reasons why this would be the case, including the approach and learning of discipline, process, and hierarchy in the military. They are able to utilize many transferable skills from their military days into cybersecurity.

Now, to answer the question as to the disproportionate representation, this mostly has to do with our talent pipeline and the fact that we aren't actively targetting/acquiring talent from our veterans. As part of this, we need to work with our military counterparts to also provide some training (apart from those already in intelligence etc.) to those in active service. By offering cybersecurity training, they will be able to make easier transition into the cyber field.
Vice President and Chief Information Security Officer in Finance (non-banking), 10,001+ employees
The military trains people in intelligence gathering and analysis, which are critical skills in the cybersecurity operations space.
Director of Information Security in Energy and Utilities, 1,001 - 5,000 employees
Not all of their skills and knowledges can directly apply to cyber security.  Some requires retooling in order to fit in especially technical skills. 

Content you might like

CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
44.8k views132 Upvotes322 Comments

Community User in Software, 11 - 50 employees

organized a virtual escape room via https://www.puzzlebreak.us/ - even though his team lost it was a fun subtitue for just a "virtual happy hour"
Read More Comments
11.9k views26 Upvotes63 Comments

Chief Technology Officer in Software, 51 - 200 employees
My personal experience. 

I usually get the feedback and go back with data driven analysis providing details to cross leaders to understand the context and make decision basis data and and not gut feeling. 
Read More Comments
2.1k views2 Comments