Slashdot Mirror

← Back to Stories (view on slashdot.org)

McAfee Finds That Gamers Are Strong Candidates for Cybersecurity Jobs (venturebeat.com)

Posted by msmash on from the how-about-that dept.

To beat cybercriminals, McAfee suggests in a new report that gamers may be the key candidates for cybersecurity jobs. From a report: The Santa Clara, California-based cybersecurity company said it did a survey of 300 senior security managers and 650 security professionals at major corporations. And 78 percent of respondents said that the current generation entering the work force -- those that grew up playing video games -- are stronger candidates for cybersecurity roles. The report suggests that gamers, those engaged and immersed in online competitions, may be the logical next step to plugging the skills gap.

92 percent of respondents believe that gaming affords players experience and skills critical to cybersecurity threat hunting: logic, perseverance, an understanding of how to approach adversaries and a fresh outlook compared to traditional cybersecurity hires. Three-quarters of senior managers say they would consider hiring a gamer even if that person had no specific cybersecurity training or experience. 72 percent of respondents say hiring experienced video gamers into the IT department seems like a good way to plug the cybersecurity skills gap.

62 comments

  1. Oh No! by LifesABeach · · Score: 4, Funny

    Equifax has a job opening for a Music Major to manage their computer security

    1. Re:Oh No! by jellomizer · · Score: 1

      In college we had a lot of Music Majors who were more technically savvy then some of the Computer Science and Computer Engineering Majors.
      Their creative skills augmented their technical training, allowing for better understanding of the classed topic. While the STEM students just took what the class taught as wrote, and didn't bother expanding their minds beyond what was taught to why it is was taught.

      Now for Equifax, there is little evidence that this guy had technical training to make him qualified to make such decisions. But I wouldn't fault the fact he was a Music Major as a reason to point out that he was an idiot.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    2. Re: Oh No! by Anonymous Coward · · Score: 0

      Sadly, they were a female, as well.

      Which shouldn't have anything to do with anything, but then people scream "affirmative action hire".

    3. Re:Oh No! by Anonymous Coward · · Score: 0

      before popping off, get your facts in order.

    4. Re:Oh No! by tquasar · · Score: 1

      My brother Pete played the clarinet and was a genius level brainiac. Played chess with locals then played chess by mail .Make a move, mail it to your opponent. Opponent makes move, mails it back. He would not be a good candidate for a security job.

    5. Re:Oh No! by Anonymous Coward · · Score: 0

      Equifax should have hired someone graduated from Hax0r University with a Ph.D.

      How does 1.5 Billion user/pass plaintext database end up on the darkweb? Employee leakage?

    6. Re:Oh No! by Anonymous Coward · · Score: 1

      While the STEM students just took what the class taught as wrote

      Rote.

      Now for Equifax, there is little evidence that this guy..But I wouldn't fault the fact he..point out that he

      Woman. The person we are referring to is a woman.

      I suppose that is the "creativity" of which you speak.

  2. Drugs are bad, mmmk? by DigiShaman · · Score: 1

    Bath salts. Just avoid them.

    --
    Life is not for the lazy.
  3. Speaking as someone who has hired them... by Minupla · · Score: 3, Interesting

    90% of my interview candidates can't articulate the difference between public key and symmetric encryption. I'd probably hire them if they could play Zork, and knew the difference between the two.

    --
    On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
    1. Re:Speaking as someone who has hired them... by Anonymous Coward · · Score: 0

      Because being able to answer knowledge questions on the spot is an adequate indicator of performance potential.

      I'd at least pull out my phone and read you the answer, rather than suggest you Google it yourself."

      Why not give them a task involving that knowledge and see if and how quickly they can solve the problem (with all of the standard toolset)?

    2. Re:Speaking as someone who has hired them... by Anonymous Coward · · Score: 0

      > 90% of my interview candidates can't articulate the difference between public key and symmetric encryption.

      Who is applying to you if 90% of the people can't figure out that in public key, the public key encrypts and the private key decrypts whereas in symmetric encryption, the same key is used for encryption and decryption (and is therefore harder to share securely)?

      I hope they don't have to implement any security software. At this rate, I don't expect them to know what xor is, let alone an S-box.

    3. Re: Speaking as someone who has hired them... by Anonymous Coward · · Score: 1

      Anecdote time here. I once had a job interview that the guys asked the difference between streaming and message oriented protocols, 1995 bsd socket era.

      I had been writing smtp, irc and pop3 clients and servers for 6 months at this point and only new udp as datagrams, not messages.

      I totally borked an entry-level interview over something stupid.

    4. Re:Speaking as someone who has hired them... by Anonymous Coward · · Score: 0

      perhaps you could use your winnings for some English and social etiquette lessons.

    5. Re:Speaking as someone who has hired them... by gravewax · · Score: 2

      if you couldn't answer such a basic question without google you should be instantly disqualified from ANY security role as well as many non security based roles too. Such levels of ignorance are a sure sign that you really don't have a good base knowledge to work in IT.

    6. Re:Speaking as someone who has hired them... by Anonymous Coward · · Score: 0

      being able to answer a basic question on the spot is a good indicator whether the person is worth spending more time on so they can demonstrate that knowledge. Why waste 10 mins giving them problems to solve when a 10 second question can easily filter out some of the dead wood that walks through the doors.

  4. Gamers == Optimizers by UnknownSoldier · · Score: 1

    Gamers are like water flowing downhill -- they _will_ find the most efficient path. Why people are surprised about this is beyond me.

    Unless you play hardcore, the entire risk:reward in games is a complete joke, especially with the grindfests that modern gaming has devolved into.
    i.e.
    Do some boring-menial-grind for X hours for a % of phat loot -- oh wait, that sounds exactly like a job.

    1. Re:Gamers == Optimizers by DigiShaman · · Score: 2

      "Doing" is not the same as "understanding". Gaming requires repetition, consistency, and often per-mutative testing and isolation to meet the goal most efficiently. But that's not at all the same and understanding how it all works in abstracts. Honestly, you'd be far better served hiring an automotive mechanic than a gamer for cyber security. At the mechanic has the foundational knowledge for troubleshooting and isolation.

      --
      Life is not for the lazy.
    2. Re:Gamers == Optimizers by Anonymous Coward · · Score: 0

      That's cleaning up a borked McAfee uninstall. A noob would spend hours trying to clean out the registry. A pro would reimage the system.

    3. Re:Gamers == Optimizers by subanark · · Score: 2

      The summary calls out that they mean competitive gamers. I'd imagine that Hearth Stone and League of Legends are primary candidates for this. The first being more strategy focused, while the later has a team element to it.

    4. Re:Gamers == Optimizers by Anonymous Coward · · Score: 0

      Most of them just read online strategy guide and follow those mindlessly.

    5. Re:Gamers == Optimizers by Anonymous Coward · · Score: 0

      For 99% of cases, you actually meant "go to gamefaqs and follow someone's elses instructions".

      Nevertheless, what is a "gamer" nowadays? A eSports player? Someone who finished Super Meat Boy? Who plays candy crush 15 hrs a day? Who just plays videogames, sometimes, no matter which ones? It's another term which has lost any meaning in the recent times.

    6. Re:Gamers == Optimizers by Anonymous Coward · · Score: 0

      Gaming requires repetition, consistency, and often per-mutative testing and isolation to meet the goal most efficiently. But that's not at all the same and understanding how it all works in abstracts.

      Not all games are mindless shooters.

    7. Re:Gamers == Optimizers by rtb61 · · Score: 1

      There are two types of gamers, one good and one bad. If you do not make that distinction you are fooling yourself. Gamers who cheat and gamers who do not cheat, guess which gamers you should put in security roles and which you should avoid like the plague. So sure games who don't cheat, who don't play games where you can buy power ups to beat people who do not buy them and gamers who prefer coop to pvp and of course gamers who play I don't know maybe strategy games instead of shooters, or any game that use strategy over shooting everything. That I can agree with, just gamers 'er' absolutely not.

      --
      Chaos - everything, everywhere, everywhen
    8. Re:Gamers == Optimizers by Anonymous Coward · · Score: 0

      Most gamers are TERRIBLE when it comes to efficiency, they may be god tuners and problem solvers but that is NOT what you need for most tasks, you need people that take the most efficient path which invariably in many IT tasks is NOT to solve the problem and spend hours grinding away, it is to reimage, restart, redeploy. For many systems time to recovery is far more important than root cause problem analysis.

  5. Perfect complement to SWAT teams by Anonymous Coward · · Score: 0

    Public security SWATters to call in the SWAT teams. Perfect fit.

  6. When You Jump On The Door You Glitch Into The Wall by dryriver · · Score: 2

    Isn't that precisely how cybersecurity works as well? Good hiring strategy!

    --
    Why did the chicken cross the road? Because Elon Musk put an AI chip in its head.
  7. The best ones are French Literature degree holders by WillAffleckUW · · Score: 1

    Surprisingly, the best ones are actually French Literature bachelor degree holders, followed closely by those with various foreign languages (other than their own).

    The problem is that the vast majority of people who apply for such positions are gamers. As my gaming friends worldwide could tell you, it is very possible to be both.

    --
    -- Tigger warning: This post may contain tiggers! --
  8. Means these jobs will be automated? by VeryFluffyBunny · · Score: 1

    AI is really good at playing computer games. So if AI has the same skills set that cybersecurity workers have, their jobs are soon to be automated out of existence.

    --
    Debate is a form of harassment. Do not question my truth.
    1. Re:Means these jobs will be automated? by war4peace · · Score: 1

      "computer games" is a broad term.
      There are games AI is very good at, there are games it sucks at.

      --
      ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
    2. Re:Means these jobs will be automated? by gravewax · · Score: 1

      AI is really BAD at most computer games. it is really good at a tiny subset of games with well defined rules and strategies and complete information.

    3. Re:Means these jobs will be automated? by afxgrin · · Score: 1

      Even the games where AI is difficult they are usually given some additional advantage over the player otherwise they are trivial to beat.

  9. Managers, meet HR by magarity · · Score: 4, Insightful

    Three-quarters of senior managers say they would consider hiring a gamer even if that person had no specific cybersecurity training or experience

    Except those people's resumes never make it past the HR filter because they don't list any specific training or experience.

    1. Re:Managers, meet HR by Anonymous Coward · · Score: 0

      Three-quarters of senior managers say they would consider hiring a gamer even if that person had no specific cybersecurity training or experience. 72 percent of respondents say hiring experienced video gamers into the IT department seems like a good way to plug the cybersecurity skills gap.

      I am fairly certain that in the 1990s similar things were said of web page developers. I believe the survey asked about gamers, but the answer would be the same for any skilled person interested in reading audit logs for long periods of time. The reality is that these "senior managers" need more people for compliance and they have trouble attracting and retaining that talent.

    2. Re:Managers, meet HR by Corbets · · Score: 2

      Three-quarters of senior managers say they would consider hiring a gamer even if that person had no specific cybersecurity training or experience

      Except those people's resumes never make it past the HR filter because they don't list any specific training or experience.

      I get kind of tired of such comments. As a hiring manager in cyber security at two different companies over the past decade, I can tell you that HR doesn’t decide who gets in; I do. If I want them to filter based on certain keywords, they will. If I don’t say that, they won’t. If they have any doubts, then the CV winds up in my inbox, because finding qualified cyber candidates is *hard*. So quit blaming HR - it’s my choice to reject your ill-designed and poorly-communicated CV, and they’re just the messenger.

      That said, I guess the difficulty in finding qualified cyber candidates has a lot to do with why the interviewees answered the way they did in this article (naturally, I didn’t read more than the summary - I’m a manager, after all - and yes, that was tongue-in-cheek!). I’ll take people with any background as an entry level hire if they show aptitude and intelligence. One of my better hires was a poli sci major...

    3. Re:Managers, meet HR by Minupla · · Score: 1

      One of my better hires was a poli sci major...

      This. One of my best promotions ever was a woman who had started in the call center. She knew all the ins and outs of the software and every fraud trick in the book. She also had a technical mindset. When I resigned, I recommended her for my old position, and she's rocking it.

      CyberSecurity IMO is about 50% technical chops, and 50% soft/social/psych skills, outside of some narrow entry level positions. Even a technical pentester needs to be able to put themselves in the shoes of the developer and ask themselves "If I were them, where might I have taken a shortcut".

      That's why it's so difficult to hire for the position.

      Min

      --
      On the whole, I find that I prefer Slashdot posts to twitter ones because I don't get limited to 140 chars before
  10. I've a lot of anecdotal evidence saying otherwise. by Anonymous Coward · · Score: 1

    I'm a gamer, but in my experience most people who game enough to be called "gamers" are lucky if they aren't too high to make it to work. Above and beyond the fact that, much like me, they are often not the most socially well adjusted people. Since about half of most jobs in security industries involve writing reports for customers and presenting those reports to customers, I don't see how your average gamer fits that bill.

  11. Brute force using computers is cheaper by Anonymous Coward · · Score: 0

    And you don't have to put up with the stench!

  12. Gamers == Dateless. by Anonymous Coward · · Score: 1

    Obviously, just look at how most of them will never breed. Efficiency at it's best.

  13. People SAID it, doesn't mean it's true by wonkey_monkey · · Score: 3, Insightful

    And 78 percent of respondents said that the current generation entering the work force -- those that grew up playing video games -- are stronger candidates for cybersecurity roles.

    Firstly, what respondents say isn't necessarily the objective truth. Secondly, just who are they stronger than? It should be bleedin' obvious that just on average you'd expect gamers to be stronger candidates than the average person in the street, simply by dint of probably knowing a bit more about computers.

    --
    systemd is Roko's Basilisk.
    1. Re:People SAID it, doesn't mean it's true by Guybrush_T · · Score: 1

      That. This is another clickbait study that doesn't show anything.

      Answers could be biased for so many reasons. Like the mental projection for senior managers that gamers, hackers, and all those youngsters playing all day with their computers are the same... they know better how to use a computer than themselves. Sure, but that doesn't make them good at security, although obviously better than the average senior manager.

      I've been fighting the idea that video games were making kids stupid for decades (they do teach a lot of things and are extremely brain-intensive), but this time, this is backwards -- although this is still just ignorance and stereotypes at work.

  14. Where's my job offers then? by Anonymous Coward · · Score: 0

    Been playing video games pretty hard core for the last 20 years, and I'm already in the IT field self-taught with intermediate to advanced knowledge of cybersecurity as it is. Where's all of these managers offering me a job? >.

    1. Re:Where's my job offers then? by Joe_Dragon · · Score: 2

      you smoked POT and HR say NO!!!!!!!!!!!!!!!!!!!

  15. Mcafee says this by grasshoppa · · Score: 4, Interesting

    It's worth pointing out that Mcafee, a supposed "security company" who no competent security professional would rely upon, said this.

    It does explain a lot, now that I think of it.

    --
    Mod me down with all of your hatred and your journey towards the dark side will be complete!
    1. Re:Mcafee says this by Anonymous Coward · · Score: 0

      Also they're owned by Intel.

      Who has not had security in in their chips due to Meltdown and Spectre for the last 20 or so years.

  16. That's not all by easyTree · · Score: 1

    They'd be ideal in marketing too, similar as it is to the spray and pray strategy employed by many gamers.

    --
    Requiem for the American Dream
  17. When I was a kid... by Anonymous Coward · · Score: 0

    ... I was a serious gamer. I devoted considerable time to the few console games I could afford to buy. After so many replays you start looking for "alternative paths" to just running through the main story/plot/purpose. It's a creative venture to have fun in ways the original content creators may not have had in mind.

    Eventually I acquired a game genie for the NES and that opened a new world of possibilities (for those that don't know, this was, more or less, another cartridge that the original NES game would seat into so that it could intercept and modify certain memory contents on the fly). Unfortunately, the interface for the game genie is rather opaque and doesn't really explain much about the inner workings of the game. But some years later I got a game shark for the N64, and this probably changed my life. Unlike the game genie, you actually entered real memory addresses, and not only that, but you could pause the game and explore memory contents. I was teaching myself computer architecture and assembly (before university) to have more and better fun, from whatever cobbled together sources I could find on the internet at the time (long ascii only text documents, probably from zophar ...) . This got me an early start into my computer programming career, and at least laid a foundation for most of the first few years of computer engineering degree (though I didn't really pursue it as much as perhaps I should have ...)

    I'm sure things are different nowadays with the rise of cell phone gaming (less access to internals), but I think the way of thinking is the same: What is a creative way around an arbitrary problem?

    I imagine there will always be a large overlap between creative problem solvers (gamers) and people that need to work on abstract problems (the more fun parts of security and programming).

  18. The fuck? by Anonymous Coward · · Score: 0

    Gamers are the exact opposite of technical users!

    Most âoegamersâ canâ(TM)t write software and donâ(TM)t possess the critical thinking required for anything more advanced than operating a microwave oven.

    Then again, McAfee said it, so who cares.

  19. We've seen this before... by ewhenn · · Score: 5, Insightful

    Former Equifax “Chief Security Officer” Susan Mauldin has a bachelor’s degree and a master of fine arts degree in music composition from the University of Georgia. Look where "no expertise" got them (and us). Hey, let's hire butchers to be surgeons too, I mean they cut things after all, so it's sort of related!

    1. Re:We've seen this before... by Anonymous Coward · · Score: 1

      Posting this anonymously because I work in Cybersec and don't want to be quoted.

      ANY of us could have been her. There's not one single person in Cybersecurity who has not done a risk acceptance on something like this because the business made an argument that it needed another month to close the vulnerability, or someone high enough accepted the risk.

      We ALL get up in the morning and if we're honest with ourselves go "I hope I don't make the wrong call today", because we play in traffic every day. It's the nature of the beast and we all knew it going in.

      At my first cybersec conference back in the 90s, the presenter got up at the front of the class and asked us what the first thing any CyberSec pro should do every day. The answer? Update your resume, because when, not IF, something goes wrong, you are the designated sacrificial goat.

      Is it always fair? Nope. Dollars to doughnuts she never knew the details of the risk she was accepting. Seldom do CSOs see that level of detail, otherwise they'd be paralyzed signing off on risks. It's more like "We have 3000 high/critical level vulnerabilities in this class of systems and would like an extra x$ next year for remediation to catch up."

      So IMHO, it's unfair to just lay something like this at the feet of a CSO. The questions around notifying the impacted consumers, hell yes, she could wear that, but the tactical stuff? That could be any of us if we time our dash across the road wrong on a given day.

  20. In other news... by Sperbels · · Score: 1

    ...92 percent of respondents are fucking idiots. Playing games doesn't make you a better hacker...writing code does.

    1. Re:In other news... by eaglesrule · · Score: 1

      Maybe it depends on the kind of game. The difference between something engineering in nature, such as Factorio or Kerbal Space Program compared to something idiotic like Farmville.

      Enjoying games that require a steep learning curve demonstrates a willingness to learn new skills and do problem solving. You're right that actually writing code is the most important, but it is possible too that other factors could help lead to the out-of-the-box thinking that would benefit a good security analyst.

  21. Whodathunkit? by TJHook3r · · Score: 1

    Young, tech-savvy people prepared to spend 20 hours a day at a screen might be good at tech jobs? Well yeah, as long as you don't expect them to spend hours a day doing free study - gaming is time consuming after all.

  22. TL;DR by TimMD909 · · Score: 1

    Seems all these articles these days are getting overly redundant in an unnecessary and redundant way. Here's the basic formula:

    $COMPANY can't find enough cheap workers and comes up with $STUPID_IDEA to try to explain why competent people still cost $TOO_MUCH.

    As a bonus for this article, we can have fun pointing out obvious lurking variables because they obviously don't realize things may not be as they seem.

  23. McAfee also finds MDMA fun.. by Anonymous Coward · · Score: 0

    ..and enjoys raep.

    Fuck that guy.

  24. Shenannigans! by Lord+Kano · · Score: 1

    I'm in my early 40s, grew up playing video games and I, as well as many others in my age range are good security analysts.

    LK

    --
    "Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
  25. In other news, almost everyone plays video games. by Anonymous Coward · · Score: 0

    The same case could be made for TV or bicycling.

  26. what gaming teaches you really by chaotic_clanger · · Score: 1

    iirc he claimed to be able hack something and then it showed up that it was a con.. so is it cheating what gaming teaches you?

    https://entertainment.slashdot...
    https://apple.slashdot.org/sto...

  27. All those years of pirating is paying of by xpiotr · · Score: 1

    All those years of downloading pirated games of strange sites and learning to avoid virus/malware/ransomware is finally be paying of for these gamers!

  28. Re:When You Jump On The Door You Glitch Into The W by Anonymous Coward · · Score: 0

    I think you're making an important point and I think the people in the article were probably not thinking about the casual gamer that just casually enjoys the intended challenges set by the developer, but rather the competitive gamers and speed runners that spend hours and hours trying to figure out if you can exploit the physics of the game in unexpected ways or maybe abuse some map geometry in ways not immediately apparent.. or even just completely break the sequence of the game and/or clip out of bounds if it speeds things up... and maybe even the gamers who write TAS-scripts to proof-of-concept tricks and exploits that are too hard for any human to perform reliably (eg. arbitrary reprogramming of something like a SNES just by using regular gameplay of Super Mario).

  29. What jobs are those? by micahraleigh · · Score: 1

    Where do these jobs live? Are they virtually a job? Are there more than 1 of them?