I’ve seen just as many sysadmins do this as developers. It’s not a question of job title as a psychological pitfall (people who are looking for things to succeed don’t ask when they should fail) and companies not specifically retaining people with security experience because they cost more.
It can be though. Downsizing and getting rid of specialists certainly hurts companies. There are only so many hours in the day and that desperate guy working 14-16 hours a day because of covid downsizing is eventually going to eff up no matter how talented she is.
I’m not sure exactly what you’re disagreeing with. My point was just that it’s not useful to direct criticism at a job title when there are so many examples of failures by people with any given title. I’ve seen people who are ostensibly pen-testers or auditors blithely telling others to click through important warnings or have a root-on-all-machines password to make their work easier.
Downsizing and other false economies are definitely a contributing factor. Security and reliability are easy to dismiss as expensive overhead until they suddenly aren’t.
