Ever lie awake at night sweating over the next vuln? Thats because we all do. In short security is not good for us. Whilst we agonise about the skills shortage are we considering the people who hold the skills we do have. How do we explain that there’s always a skills shortage but never a shortage of new entrants. Why can’t we retain the skills and the people we have and develop them. It’s time to accept that the skills shortage is a skills mismatch and for too long we’ve been trying to fit security in to the mould of Pen Testers rather than fix security. Thats not good for security and its not good for us.