By Chuck Mackey
Today’s uber-crisis world demands a better way to ensure offensive and defensive cybersecurity success. All organizations need to be adaptive in this highly volatile environment. They must sense and rapidly respond to critical incidents, threats, vulnerabilities, and opportunities well before they happen.
Additionally, business success comes from an enterprise’s ability to codify, transform, protect, and successfully apply data for economic, social, and communal gain at an always-increasing pace. Protecting an organization’s data assets takes more than merely deploying a mass collection of point-specific technology solutions; it requires a top-down strategic and tactically administered approach that involves targeted skills. It starts and ends with the person who chooses, deploys, uses, and manages modern security tools and technologies: the engaged cybersecurity practitioner.
Both the organization and the contributing practitioner need a comprehensive pathway that enables technical and non-technical education and training—as well as proven leadership and team-building—to obtain the necessary skills for the organization to be resilient in the face of cybersecurity threats. A flexible program allows each practitioner to jump into the pathway regardless of their current skill set or experience level.
Reskilling a novice or experienced practitioner can be done through a four-stage process that I developed when implementing large-scale enterprise applications during the late 1990s and early 2000s. It remains a high-value model for cybersecurity education, training, and technology implementation today.
The process is called FIRM: Foundation, Immersion, Reinforcement, and Mastery. Each stage increases in both breadth and depth and allows participants to enter at any point on the path, depending on their own experience and the organization’s requirements.
Whatever the current state of cybersecurity, someone just entering the profession, or with limited security skills, must learn and command basic foundational skills to progress through the FIRM model. Here are some examples of a likely skill-building roadmap for the cybersecurity practitioner.
Foundation Level programs are optimum for someone with demonstrated technical talent but without formal security education and practical experience. Knowing how on-premises data centers, network environments, and endpoint devices such as laptops, desktops, and mobile devices work together is a prerequisite for a career in cybersecurity.
How an organization configures these systems, which tools it uses—such as Endpoint Detection and Response (EDR) and Data Loss Prevention—and how those tools operate and interact are critical components of the foundation-level skill set for the emerging cybersecurity engineer. And while the objective is to thwart intrusions and other bad-actor activity, incidents will happen. Knowing how to respond, collect evidence, and report findings are all mandatory skills for even the junior engineer.
Learn the specific Foundation Level programs in our ebook, How to Win the Cybersecurity Talent Race.
Many current security practitioners come to the program with years of experience and perhaps one or more certifications. Often, they are looking to specialize in an area of cybersecurity—e.g., penetration testing/vulnerability scanning, deep forensics, and threat hunting—or within particular operating systems and hardware platforms. These individuals should receive highly specialized, hands-on training.
For instance, someone interested in threat hunting, which is an offensive cybersecurity pathway, will want and need exposure to significant incident use-cases, tools, techniques, technologies, and processes. The example programs in the Trilogy ebook present a likely way for a relatively seasoned practitioner to gain the necessary skill and ability to specialize in one or more cybersecurity domains.
Discover the Immersion Level programs in our ebook, How to Win the Cybersecurity Talent Race.
As the individual’s skill set grows and his/her experience level matures, the practitioner will want to handle more challenging activities. The Reinforcement roadmap provides just that. More and more organizations are moving to the cloud: infrastructure-as-a-service, platform-as-a-service, and software-as-a-service. Consequently, new issues arise, and the complexity of both technology and regulatory compliance demands that the cybersecurity engineer reach new heights not just in technical know-how but also in governance, risk, and compliance.
Knowing what to look for, how to integrate disparate security tools, and how to stand up to scrutiny from regulators are skills in high demand today. Working directly with software developers on secure coding practices, especially as web-based applications and application programming interfaces (APIs) become more and more prevalent, is critical for the experienced practitioner.
There are 15 Reinforcement Level programs. Our ebook, How to Win the Cybersecurity Talent Race, lists them all.
Terms such as “security ninja” and “guru” are bandied about quite frequently these days. While there are certainly practitioners who live up to the billing, a critically deep understanding of technology and business acumen are required to be considered a master in the field of cybersecurity.
Business leaders, executive management, and even boards of directors are strikingly aware of the significant challenges being placed on their organizations, whether from threat vectors, auditors, or regulators. Due to this general awareness, the cybersecurity master must have full command of the technology, understand how cybersecurity technology differs from other technologies within the organization, and comprehend how cybersecurity prioritization is a force multiplier in protection and regulatory adherence.
Whether a senior-level cybersecurity engineer, chief information security officer (CISO), or cybersecurity team leader, today’s practitioner must be nimble, forthright, and confident that the recommendations and decisions s/he makes can stand up to economic challenges and resource constraints.
The Master Level program expressly prepares the seasoned cybersecurity practitioner for more and more responsibility and the commensurate authority to take on the ever-increasing complexities of cybersecurity.
Learn the specific Master Level programs in our ebook, How to Win the Cybersecurity Talent Race.
The FIRM model is not an end-all-be-all. It is, however, a robust and practical approach to improving the secure position and posture of an organization through an education and training program proven to be effective in the field and the classroom.
Chuck Mackey manages the Data Protection Office for AmTrust Financial Services, Inc. He has consulted regularly on IT security matters for Big Four consulting firms, higher education institutions, government agencies, and the private sector.