In the field of cybersecurity, we are failing to acknowledge that we have a big problem. Our job titles and job descriptions have the word security in it even though security isn’t our job. I have never met a security professional who claims that their organization will never be breached. Yet, we call ourselves security? When a breach does occur, it reflects poorly on us. Did it mean we did our jobs poorly that day? Let’s have the difficult, but long needed, discussion about what we need to do to better align our roles in supporting our organizations as well as our own expectations around what our jobs actually are.