6 Essential Skills Cybersecurity Pros Need to ...

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

100%

tdsan,
User Rank: Ninja
4/22/2019 | 7:25:14 PM

Let's look at this list in greater detail

This is an elaborate list, let's look and address these areas that companies are looking for from a security standpoint.

Automation and Orchestration - Two major trends are driving enterprises toward greater security automation across the board. First of all, security is using automation to scale incident response and security analysis to keep up with ever-multiplying threats. Second, as DevOPs and continuous delivery of software become de riguer at many organizations, the table stakes for IT automation across the board has risen considerably

Ok, I agree with automation across the board, but there has been a lot of pushback from engineering groups because they say if an application changes the functionality of another application during a threat, they were not comfortable with that aspect of change. They turned off this capability because they wanted a human to make a change that could affect the environment; but what if the experience person who is the senior level is out of the office (evening, weekend, holiday), the individual on site has to wait to get authorization, again, we are back in the same position
DevOPs is different in certain regards to AO (Automation and Orchestration), writing scripts to help improve a process is not really DevOPs. AO is a process where specific functions from various realms (network, compute and storage) come together. I think in this case the security teams are looking to use an aspect of infrastructure to be part of their ramp-up process (Citrix, VMware, Hyper-V). But this is part of another group within the organization and not necessarily the security team, it is a nice to have.

Data Science - "Data science is as much a method and an approach

Aren't all aspects of computing now the same as this (compute, network, storage). I think it is important to have an understanding of the data life-cycle process and be able to discern inherent hidden message inside data streams, this provides invaluable information about vulnerabilities and threats but that is what SIEMs (Security Information and Event Management) are used for. Numerous companies are providing this capability and most security experts review this data regularly (basically this is being done). Definition of Data science - "Data science is the study of where information comes from, what it represents and how it can be turned into a valuable resource in creating business and IT strategies. Mining large amounts of structured and unstructured data to identify patterns can help an organization rein in costs, increase efficiencies, recognize new market opportunities and increase the organization's competitive advantage." This is something the CIO/CISO/CTO should use if we are looking at it from an executive standpoint, but in this case I don't think we are.

Coding - First of all, it's crucial for application security in a DevSecOps environment that requires optimal collaboration between security and development functions.

I agree that organizations are asking more from the security departments to review code and coding practices to help mitigate external/internal attacks but what happened to separation of duties. There is a reason companies have separated tasks because if your DevOPs team and security team become one, then there a gray area where collusion could take place. The security teams need to have DevOPs experience especially when organizations have in-house programming experts but the comment the gentleman made about teaching DevOPs individuals security in a short time is delusional. There are many tools from different vendors that cause security experts to scratch their heads. Each group needs to understand the organization's expectations (mission) but there needs to be a clear demarcation point in place, this ensures the security team will remain autonomous.

Privacy Expertise - Almost one in four cybersecurity professionals surveyed by ISSA say they don't believe they've been given the right level of training on data privacy.

Wow, that is interesting because that is one of the first topics they teach you will go after your CISSP (8 domains) is Asset Security - "Asset Security focuses on: classification and ownership of information and assets; privacy; retention periods; data security controls; and handling requirements". It seems these individuals were not paying attention in class, lol.

Secure Cloud Management - According to Gartner experts, the drive to improve cloud security competencies in the face of massive enterprise shifts to the cloud is among the top seven security and risk management trends for 2019

Interesting, cloud computing companies have an assortment of tools in place to help the organization become more secure, they even have a tool that scans the network for security issues (logging, access controls, network access lists, MFA, design and VPN access). All of this is driven by a menu to help the end-user (security and infrastructure cloud expert) to address these issues. I think there needs to be training involved, but the learning curve is not as steep as stated, they can do this with a few clicks (AWS, Azure, Google all provide this capability)

Business Acumen - According to the ISACA study, "the most-prized hire in a cybersecurity team is a technically proficient individual who also understands business operations and how cybersecurity fits into the greater needs of the enterprise."

Shouldn't the CIO, CTO or CISO have this experience, that should be part of their daily activities? The individual who sits in front the executive staff will need to have this, the engineering security team reviews logs, determines the organization's security posture, implements tools and controls, provides education and elaborates on long-term goals (strategic thinking).

I have looked at this list, this seems to be unreasonable because the shortcomings of individuals who work in higher-level positions don't want to understand the intricate aspects of security. An article was written that talked about executives not having a clear strategic path or goal to address security issues. Now it is one of the main focuses as to how the business runs, the executives want to move their business requirements to staff members.

Let's be honest, with all the things organizations are asking from security experts, it sounds like they are trying to blur the lines instead of hiring competent personnel in those specific areas. Because if they want someone who has Data Science, AO, Business Acumen, Cloud Management, Privacy Expertise and coding, then why would they continue to work for that company, they should work for themselves because of their extensive skill-set (having all of that is invaluable).

The other thing that is not being addressed by companies is the fact that they don't want to pay for individuals who have years of experience with an assortment of skills. In the article where the gentlemen stated he wanted "coders", but what he did not say was that he wanted to hire those individuals fresh out of school or at a discounted rate (a lot of the coders are coming from overseas and their rates are much lower than the American rate). Companies want individuals who can look beyond code; but when it comes to compensation, the manager is the one who does the hiring and they often back away from bringing in a personnel with those skill-sets because that person would eventually take their job, it is sad, but it is just human nature.

Todd

Reply | Post Message | Messages List | Start a Board

50%

Ai2ik,
User Rank: Apprentice
4/3/2019 | 2:05:36 PM

Certificates

Hi Ericka, do you recommend any must have cyber security certificates for people looking for careers in Infosec?

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

COVID-19: Latest Security News & Commentary

Dark Reading Staff 4/7/2020

Microsoft Alerts Healthcare to Human-Operated Ransomware

Dark Reading Staff 4/1/2020

FBI Warns Education & Remote Work Platforms About Cyberattacks

Dark Reading Staff 4/3/2020

Webinars

Fighting Cybercrime in a Pandemic Threat Landscape

Malicious Insiders: Real Defense for Real Business

Building a Strategy for Detection and Response

Webinar Archives

White Papers

NERC Updates May Force Utility Companies into Better Cybersecurity

eSentire Annual Threat Intelligence Report: 2019 Perspectives and 2020 Predictions

One Phish, Two Phish, Three Phish, Fraud Phish

Use Case Coverage for Simulation Based Training

Endpoint Security 2020: The Resurgence of EPP and the Manifest Destiny of EDR

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

6 Emerging Cyber Threats That Enterprises Face in 2020

This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

State of Cybersecurity Incident Response

Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.

Download Now!

How Enterprises Are Developing and Maintaining Secure Applications

0 comments

How Enterprises are Attacking the Cybersecurity Problem

0 comments

How Data Breaches affect the Enterprise

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2020-5735
PUBLISHED: 2020-04-08

Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.

CVE-2020-5736
PUBLISHED: 2020-04-08

Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777. An authenticated remote attacker can abuse this issue to crash the device.

CVE-2017-18646
PUBLISHED: 2020-04-08

An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. An attacker can bypass the password requirement for tablet user switching by folding the magnetic cover. The Samsung ID is SVE-2017-10602 (December 2017).

CVE-2020-5549
PUBLISHED: 2020-04-08

Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterprise Ver. 2.0.1 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

CVE-2020-5550
PUBLISHED: 2020-04-08

Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 and earlier allows remote attackers to impersonate a registered user and log in the management console, that may result in information alteration/disclosure via unspecified vectors.

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]