California Institute of Arts & Technology

Cybersecurity jobs continue to grow as more regulation and security incidents impact people’s lives. As technology continues to become an integral part of our daily lives, it’ll be essential to protect the technology that makes it possible. The cybersecurity industry suffers from a lack of qualified candidates to deal with the constant attack on organizations’ security systems and assets. 

Cybersecurity is in every facet of a life well beyond the board room.

It’s no wonder many analysts regularly identify cybersecurity threats as one of the top two issues facing business today. This results in data security risks, fines from government entities, and damage to reputations.

Security professionals at all levels not only know the most current security concepts and industry trends, but they also know the most recent privacy and security regulations. For example, the new California Consumer Privacy Act of 2020, which gives consumers more control over their data, goes into effect on Jan. 1, 2021. When a security incident occurs, companies are often fined, executives are fired, customers may leave, and an organization‘s reputation takes a hit. Cybersecurity experts help companies avoid the headaches of a cyberattack by keeping their security strategy and operations up to date.

Valuable soft skills essential to all cybersecurity professionals

A successful career requires soft skills, flexibility, and acceptance of a trial and error culture. There are several reasons why companies cannot find the skilled cybersecurity professionals they need. First, there are not enough qualified cybersecurity professionals who have both technical and soft skills. Strong communication skills, collaborativeness, patience, and agileness are important soft skills to develop.  

How do you stay up with the constant change in cybersecurity?

Organizations will change their product offerings, services, and locations based on cybersecurity breaches and ongoing threat assessments.

Aspiring cybersecurity professionals will want to develop good work habits, including the capacity to work methodically (in a detail-oriented manner).

The following critical skills will come in handy:

• Flexibility
• Continuous education
• Being a scrum member

An eye for integration skills 

Any good cybersecurity professional knows how to examine a company’s security setup holistically. Including threat modeling, specifications, implementation, testing, and vulnerability assessment. They also understand security issues associated with operating systems, networking, and virtualization software.

Knowledge gained is knowledge earned

Organizations will create new jobs for cyber security engineers based on needs following a security attack. Cybersecurity positions within organizations are not static.

○  Knowledge of Risk Management – Foundation skills in risk, compliance, and auditing helpful

○  Knowledge of Network Security – Hands-on experience helpful

○  Knowledge of Network Protocols – Relevant experience in network protocols and ports

○  Understanding of incident Response – Analytical skills helpful

○  Knowledge of Intrusion Detection – Technical background in IDS, IPS, and Host-based helpful

○  Understanding of System Administration – Background in security concepts helpful

Embracing trial and error in cybersecurity careers

Accepting the concept of trial and error is critical for any cybersecurity candidate. Like other career paths, many people in the early days of cybersecurity did not attend a formal school to learn the craft. Many early practitioners learned cybersecurity by picking up a manual or learning as they went along. In the late 1990s, the idea of a firewall looked more like an extended access control list on a Cisco router. Setting up a firewall looks similar to loading a server application in a single computer device with two cables coming in and out. One for the “clean” and the other for the “dirty” network. There was no formal education around deploying firewalls, not even a youtube video.

Technology is far from perfect. Configuration mistakes happen daily to SecOps, DevOps, and NetOps team members. Sometimes, these mistakes aren’t recognized for several months after deployment. When things do break (and they will), a good cybersecurity professional will focus on experience, knowledge of the product, and remember the fundamentals of all solutions. They know that rebooting doesn’t always fix the problem. Solving the problem through trial and error for the cybersecurity professional is a good thing. Sometimes, there are many ways to solve a cybersecurity issue. Often multiple team members from DevOps, SecOps, and NetsOps will collaborate as a team to come up with options to solve the problems. Together, the teams learn from each other. 

How to gain more cybersecurity experience

Many cybersecurity professionals are driven to learn about the applications, systems, and networks they protect daily. More often, a SecOps, DevOps, or Netops person will volunteer their time in other parts of the information technology to gain more knowledge of the organization’s digital landscape. Some will block out time on their weekly calendar to help out in the IT helpdesk helping out with trouble tickets. Some cybersecurity team members will volunteer to help with weekend network cutovers or system upgrades. The cybersecurity professionals will learn more about the organization’s technology environment and become more well-rounded teammates to others in the IT department.