Sure. Allow me to give you a little background about my area, from personal experience a hundred years ago in the industry: security by obscurity was the standard, a CTO had zero experience with anything computer related, beyond powering his on and pecking out emails, was not interested in learning about (let alone learning any) current or new technology, coding, or security related. The sysad couldn’t code a lick, depended on an online scanner for malware removal (and it was a persistent problem), and did absolutely zero auditing, wondering why the better team members stayed long enough for a reference and ran screaming. This was the worst, but not by much, company I worked for in the industry in a very wealthy area. I’m sure things have changed over the years, but from friends in the industry, not by much. They still stay long enough for the reference of official experience, then end up moving companies, or the better ones go on to self-employme t, often contacting for the same companies, at 4x the hourly rate, because it’s still cheaper than getting sued by by clients or the government.

The weird thing is, I’m about to try to re-enter the industry, personal and industry issues aside, at a later point in the year.