Cybersecurity skills shortage
The demand for highly qualified staff with the right skill sets along with hands on experience is not new news in cybersecurity. However, the difficulty of gaining experience prior to meeting the objectives for interviews for entry level jobs can be a tough hill to climb. Ample resources available online, including the ability to set up in-home labs, which helps.
A blend of soft skills and the aptitude for continuous learning can open the door to explore and experience cybersecurity from a consulting point of view. In consulting roles, not only are the technical skills important, but the need to communicate objectives in a digestible format, through PowerPoint presentations and executive summaries is essential. Consulting can lead to more career opportunities and a more holistic view of enterprise risk.
The business side of cybersecurity
6 Foundational pillars of cybersecurity practitioner experience:
As I continue to gain hands-on practitioner knowledge in a pursuit of becoming an information security expert, there are six skillsets I’ve noticed are the pillars to applying the knowledge to any client-facing assessment or business problem:
- Continuous learning: Obtaining certifications, CPEs, attending conferences, following security bloggers/researchers, participating in internal / external courses available within your organization.
- Leadership: “By failing to prepare, you are preparing to fail.” – Benjamin Franklin; “Under promise, over deliver.” – Tom Peters; Take ownership and pride in your work while always preparing to be one step ahead.
- Adaptability: Be an expert in one, and good at many – e.g., GRC skills and technical testing. Adaptability can help consultants pivot in conversations and understand information security holistically which will improve the client’s experience and value for their money.
- Communication: Soft skills are a requirement to communicate project scope and manage expectations. A consultant should be able to help translate industry standards to be understandable for the client to digest. Deadlines, reporting, and ultimately presentation skills to business and board leaders are required to make projects successful and showcase security as a business enabler.
- Teamwork: Do your job well for the greater good of the team. Especially early in your career, do the dirty work, information gathering reading documentation and preparing notes prior to the client interview – constructing additional questions and early recommendations will go a long way in showcasing subject matter expertise during client interviews.
- Problem solving: Critical thinking skills are vital in problem solving because there’s more than one way to solve a problem. Understanding the client’s needs and their desired end-state will help level set expectations throughout the engagement and help the client envision a journey map where you’re seen as the trusted advisor.
The evolving cybersecurity threat landscape
As the threat landscape evolves, boundaries are pushed with IoT devices, the “new normal” work from home environment, cloud-delivered security service deployment, digital trust, and the automation and orchestration of those disparate technologies into a holistic, well-oiled machine. The difficulties illustrated by these deployments require a full life cycle approach for protection to reduce the risk of an attacker infiltrating the system due to misconfigurations. Although all pillars noted above are important, to stay ahead as a practitioner, we must continuously learn.
The thirst for knowledge continues
As a student of information security, I am pursuing a master’s degree from Southern Methodist University in Cybersecurity. Through the live, online experience we interact “face-to-face” with classmates and instructors in small, collaborative weekly live classes. The diverse coursework offers advanced electives that directly coincide with the ability to not only obtain hands-on practitioner experience through new tools and technologies, but also fosters a new way of problem solving. The journey continues!
Article Link: Explore and experience cybersecurity from a consulting point of view | AT&T Cybersecurity