If you think of the network and IT security of the future, there are signs that this is becoming more of a programmable API than a service done by network or security engineers. We are beginning to see a change in the skillset required to work in networking and IT security soon (personally I think it has been a essential skill all the way, but now we are seeing broader adoption of this).

Programming will be a essential task for anyone in IT and I think it will become much more natural to consume IT services via APIs in the future. And people will love it.

Finding the unicorn

There is a problem though, the skillset we will be looking for in the future is hard to find. I would not go as far as calling those people unicorns, but it will certainly be a challenge and there will be a huge market for them.

It will certainly make no sense to hire a unicorn (or a bunch of unicorns) to totally remodel your workflows. This will be a recipe for failure and adoption of a new model is key to being successful. Everyone I know that deals with this problem is trying to take a approach of hire and train. Benefit from the huge experience your team has and bring in new skills that fit a more modern oepration model.

What to do?

What can we as networking and cyber security professionals do about this? Here is my opinion and the things i hear from my networking and IT security peers:

  • Use the right tools that fit into automation and can be completely API driven
  • Recruit people that are raised cloud-native, that think infrastructure is code and know the right tools and how to interface them
  • Mix those people with the experience of your experienced senior networking and security employees and create mutual wins
  • Qualify your workforce to adapt to the new paradigm and give them a way to develop those skills
  • Create a environment and a culture of automation
  • Take the fears and worries of your employees seriously (will automation kill my job?)
  • Be loved by your application teams, because they get things done much faster than before (and ideally more secure than before)

What do you think? Is network and security automation just a trend that will go away? How do you get the right people and train your employees to get there if you believe it will not go away?