![](/static/253f0d9/assets/icons/icon-96x96.png)
![](https://sh.itjust.works/pictrs/image/c38fd5ff-821e-45c9-b2ee-957d0321d2e2.webp)
Really struggling to find the value in this article. How does it go from
Cybersecurity is typically handled by a company’s IT staff, who become quickly overwhelmed
to
The most effective way for SMEs to escape this cybersecurity hell is to adopt a single platform
without so much as entertaining the idea of hiring a dedicated team of security professionals with this specific task in mind?
This reads more like, “We have all these lawyers that sometimes talk to the IRS, instead of hiring an accountant let’s just buy TurboTax.”
It’s an odd position to be in; I work in the private sector but my company deals almost exclusively with government and NGO contracts, so at times I feel like I’m public sector.
What I’ve noticed is that even though the desired outcome is nearly identical for both sectors, the buzz words associated with each is what determines who responds to my job applications. As an example:
Private: IaC and Policy-as-Code, supply chain and software composition analysis, SAST, DAST, etc.
Public: Compliance automation, risk management frameworks, risk quantification (this one has generated a lot of excitement recently), etc.
This is purely anecdotal, but you may find adjusting your resume to include some of these buzzwords as applicable to the industry to which you are applying may help you get your foot in the door.
To reiterate, yes I know in the end all of these companies strive toward the same goals, whether it be passing audits or being able to demonstrate prudent security practices to clients, sometimes the hiring manager is looking for specific terminology and will discard any applications that exclude it.