Most People Have No Idea What Being a Cybersecurity Incident Responder is Like

There are a lot of things most people don't know about working in cybersecurity.

For example, did you know...

Not everyone is technical. Some roles do not require deep technical knowledge or code writing capability.
Excellence may not be enough: Cybersecurity workers can be great at their job and their company can still be breached.
Some roles are detectives. These people review numerous logs and stop a large number of situations before they become emergencies.

For anyone in the industry, this stuff is common knowledge.

But to those who haven't lived "a day in the life" of cybersecurity workers, some of these might come as a shock.

For example, here's the weirdest thing most people don't know about doing cybersecurity work:

Incident responders not only have to solve the puzzle, but they also have to find the puzzle pieces first.

Imagine being given a puzzle where the pieces are not only blank, but they also are not cut yet.

Read that again.

You know you are looking for something, but you don't know what. You have a sense of size and scope, but it may not be that at all.

Depending on the type of incident, this scenario is what cybersecurity incident responders can encounter.

They have been told or they can tell that something is not right in their environment. They have no way to know where it is or what is causing it.

Cybersecurity incident responders use the things they do know and their situational awareness to determine what the pieces are.

Then they work to build the puzzle they are solving.

What if I told you that sometimes they resolve the incident and never know what caused it?

Crazy, right?