NEWS + ADVICE
Cybersecurity Is More Than Technical Skills
Define or Categorize Cybersecurity
Cybersecurity is multifaceted, but in the end it’s all about protection. It comprises all of the ways we engage people, processes, and technologies to protect our businesses, communications, and identities online.
Cybersecurity is not one function. It’s a market with hackers, defenders, exploiters, artists, writers, buyers, sellers, investors, planners, recruiters, and more. Business and communication skills are as important for success in cybersecurity as they are in any other industry. Cybersecurity cuts across the intersection of information technology and business. Some of the most successful teams I work with are comprised of physicists, mathematicians, and intelligence analysts. Many different people on many different teams need to understand security issues and the potential effects on the business. This industry is a dynamic and growing global ecosystem.
You’re Not Always Looking for Specific Certifications or Technical Skills
The longer you have been in the industry, the more likely it is that you did not start your career in cybersecurity. Most of the people I work with every day bring an assortment of skills to the table, ranging from traditional business, finance and strategists to developers, hackers, artists and musicians. Others bring market expertise — energy, health, retail, and military. It’s not about just technical certifications and programming languages.
You Need More than Technical Professionals, Including Professionals Who Can View Cybersecurity Holistically
Yes. A lot of people see the science in cybersecurity, but the art involved is often misunderstood and under-appreciated. Some of the smartest security professionals I know have a background in the arts—in music, painting, literature, or photography. Creative approaches drive innovation and invention in cybersecurity. Finding people who can think through problems differently helps build the most skilled and valuable staff. More and more the cyber community seeks game theory and game visuals to help operators work more effectively.
That’s what we do at Invotas. We hire for a team sport, for different players to play different roles. It is not about finding the most technical people, but having the right mix of diverse skills among people who can communicate effectively to provide our clients with the best service. The whole is greater than the sum of the parts.
What Excites You About Cybersecurity
Cybersecurity is my passion. Security practitioners make a difference—we protect critical infrastructure and secure systems that keep our nation safe. Making a difference is important to me. That’s one reason why I am in cybersecurity. I also love the the competitive team approach inherent in the industry.
Events like the Maryland Cyber Challenge and Conference (MDC3) simulate attack scenarios to help analysts and operators become more effective in their roles. You can learn a lot in school, but that learning can be augmented by competing. Competition provides practice with pressure, urgency, stress—and how to work as a team under stress. Competitive teams also reward diversity and support the variety of skills and abilities needed to build agility in cybersecurity practices.
Why Are There Few Women in Cybersecurity?
Cybersecurity doesn’t have a universal brand. I have a teenage daughter who once wanted a career in cyber, but the stereotype at her age portrays cyber professionals as highly skilled programmers that are solitary, independent, over caffeinated-drinking geeks.
When I talk to young women, they often say cybersecurity—and STEM in general—is lonely. They envision programmers sitting in front of computers and are unaware of the depth and breadth a career in cybersecurity truly offers. Our community needs to market cyber careers better by showing the team atmosphere and the reward from protecting people’s way of life through their digital presence.
Why Do You Work for CSG Invotas
Because I can help change the cyber landscape here. CSG offers an interesting new use of proven technology in a start-up environment incubated by a well-respected IT services provider. I couldn’t say no.
Invotas provides a completely different approach that will change the way we look at protecting our networks. Networks are a stationary target for attackers. Our networks are bulky. Slow. It can take weeks or months to make changes or respond to attacks, which may be in our systems for a long time. We have to make them less predictable. A moving target is much more difficult to hit. Until we do, hackers will continue to have time on their side—and a strategic advantage.
Technology should allow an organization to dynamically manage the security and availability of their networks to match their operations. The first step in the journey to this vision is integrating orchestrated automation into operations. This means extending the security operators ability with speed and scale through automated and semi-automated workflows that implement enterprise-wide courses of action. We aren’t replacing a tool in your architecture, we are providing a powerful fabric that lets you orchestrate each tool when needed.
This entry was posted on Saturday, April 04, 2015 12:56 pm