Why Should I Become A Cybersecurity Professional Now?
First, let's consider the true picture!
The overall landscape of emerging cybersecurity threats has gone extremely wide and deeper in recent years. Almost every enterprise, large or small-medium, is severely under-pressure to protect its critical information and data. Every organization which has been attacked in recent years, had to pay a huge cost of their cybersecurity vulnerabilities.
More than half, i.e., 53% of all attacks resulted in financial damages of more than US$500,000, including, but not limited to, lost revenue, customers, opportunities, and out-of-pocket costs.
All organizations worldwide are living each day in a state of high-alert! They are trying their best to keep themselves protected from cyber threats. Around 72% of them are deploying a large number of security products offered by as many as 20-50 cybersecurity vendors.
BUT the problem they are facing is that there is NO synthesis among most of these cybersecurity products implemented by them, because most of such products operate as if they are floating islands. Do you know what is happening then?
There is a Flood of Cybersecurity Alerts!
All these cybersecurity products are generating a very large number of alerts, logs and other telemetry. There is no orchestration among these products from various vendors.
As a result of 'Alert Divulge', the huge gaps continue to exist between alerts generated, those that have been investigated, and those that are eventually remediated. As shown in above:
- Among organizations that receive daily security alerts, an average of 44 percent of those alerts are not investigated.
- Of those alerts investigated, 34 percent are deemed legitimate.
- Of those deemed legitimate, 51 percent of alerts are remediated.
- Nearly half (49 percent) of legitimate alerts are not remediated.
IMPACT: This process leaves many legitimate alerts un-remediated. What is the reason?
One reason of it, appears to be the lack of headcount and trained personnel who can facilitate the demand to investigate all alerts.
Most organizations are fully anticipating that-- the cyber threats they are facing will remain complex and challenging. They are expecting bad actors/hackers to develop more sophisticated and damaging ways to breach their networks. They also know that the modern workplace is creating conditions that actually favor the attackers:
• The mobility of employees and adoption of IoT devices provide attackers with fresh opportunities.
Along with increased threats, many organizations are expecting that they’ll be under additional scrutiny—from regulators, executives, stakeholders, partners, and clients.
That's why most organizations need to move beyond relying solely on technology for defense. That means they must take holistic approach to their cybersecurity defense and examine other opportunities to improve security, such as applying policies or training users too.
The Biggest Stumbling Block
Lack of skilled talent tops the list of obstacles in all industries and across all regions of the globe.
“If I could wave a magic wand and get 10 percent more people to take some of the burden off people who really feel the heat because of high demand for their particular service areas, I would be a very, very happy guy,” says a CISO for a large professional services firm.
While the skilled talent gap is an ongoing challenge, organizations report that they’re seeking out and hiring more resources for their security teams. They all want to improve their cybersecurity defense capabilities, had they have access to rightly trained manpower.
When it comes to the cybersecurity industry, the problem is clear: there’s not enough skilled professionals.
We have all seen the news before: there is a serious shortage of cybersecurity professionals in the market, ranging from 1 to 3 million unfilled security jobs globally for 2019-2020, according to different estimates. It is clearly a problem that cannot be solved overnight, but it is deeply affecting companies.
This is the biggest reason why Cisco wishes to close the cyber security talent gap .
This was exactly the reason the Cisco launched the Global $10 Million Cybersecurity Scholarship in 2016 and launched its CCNA Cyber Ops.
Why did CISCO launch its Global $10 Million Cybersecurity Scholarship Program?
To address the shortfall of security talent, in June 2016, Cisco decided to invest $10 million in a two-year Global Cybersecurity Scholarship program to increase the pool of available talent with critical cybersecurity proficiency.
Cisco had been offered training, mentoring and certification that aligned with the Security Operations Center Analyst industry job role, since then.
Till recently, Cisco had been delivering the training program in partnership with key Cisco Authorized Learning Partners. Actually, this training was designed to address the critical skills deficit, providing on-the-job readiness needed to meet current and future challenges of network security.
A large number of IT professionals obtained the benefits of this scholarship. Yet there is a huge pool of people who were left behind and could not participate in this opportunity.
In a fantastic article, Tim Harmon shares the first-hand account of his experience and training of CCNA Cyber Ops. You can read this article here: Cisco CCNA Cyber Ops Scholarship: The Ins and Outs! He was asked to attend the Cohort-3 at Global Knowledge which is a Cisco Partner. He was mentored; the training and coaching platform was provided by Lumicybersecurity.
Kjetil Teigen H. has also shared a very interesting and information article on Linkedin. He had done CCNA R&S and was considering many certifications, e.g., CCNA Wireless, CWNA, CCNA Security or CCNP R&S for his next skill-upgradation plan. He shares how he found out about Cisco's Global Cybersecurity Scholarship and was lucky enough to officially be part of "Cohort 6" that was going to begin in April 2018. How was he struggling to wait for this training. He gives a wholesome account of his training experience here: 'My CCNA Cyber Ops journey'.
The scholarship seems to have ended on date: November 7, 2018 as that was the last date for the students to log in at the platform.
BUT the shortage of Cybersecurity professional is still huge!
To identify the best opportunities for IT professionals, IDC recently completed a global survey of IT hiring managers, examined nearly 2 million IT job postings for requested skills, and built a global IT employment model to identify both near- and long-term growth potential for every major role in IT.
For many of these roles, there are skill shortages, but IT hiring managers won’t wait. They will fill those positions with the best skilled IT professionals they can find.
• When organizations can’t find external candidates, they identify motivated internal candidates. It is always organization's long-term talent acquisition strategy.
To be ready for these roles, IT professionals should drive their own careers by getting certified in areas organizations are looking for.
No matter your current role or your interest is, these “most significant” IT roles can be part of your career in IT. Remember, even if companies have difficulty finding candidates to fill roles, they don’t delay a project if they can’t fill a position.
Cybersecurity Jobs: Hot-in-demand with Long-Term Importance
Not only cybersecurity jobs are one of 'Top Significant IT Jobs' and hard to fill up currently. They make a highly attractive career option for any IT professional. What do you think?
A good start made now has a huge potential to make a highly rewarding career options in times to come. Remember, this career of a cybersecurity professional is a young career in itself. You must choose these careers, before the crowd makes its way to ….
Become A Cybersecurity Professional NOW! This is the best time to...
Young engineers might not see cybersecurity as sexy, which is weird because we think it’s the coolest [job] ever. It’s spy versus spy. Competition for qualified cybersecurity professionals is driving up salaries and better benefit offerings, like more vacation time, access to training programs, and telecommuting options. The demand for the jobs, though, might be backfiring on employers, because workers can take advantage of the competition.
The issue that many organizations have today is that IT projects can’t go forward unless cybersecurity issues are addressed. Rather than viewing cybersecurity as an afterthought, organizations are now viewing a basic level of cybersecurity to be included as table stakes in any new project. Companies are devoting a lot of effort to hiring and retaining cybersecurity professionals. The catch is the time and money spent is an investment that is not being spent on actually improving cybersecurity.
Even Forbes reports that 'Cybersecurity is The Fast-Growing Job With A Huge Skills Gap' and states that --
One of the most in-demand cyber security roles is Security Analyst
Starting around at a salary of $75,000 at the entry-level, Cyber-security Analysts can easily get the milestone of $1,00,000 per annum.
Security analysts work to prevent and mitigate breaches on the ground. As most of Global Cybersecurity vendors such as Cisco, Symantec, Raytheon, AT&T, SecureWorks, Digital Guardian, F5 Networks, Fortinet, Capgemini SE, Treo etc have entered into the market of 'Cyberseucrity Operations Center (SOC) already, the competition to hire an able 'Security Analysts' has gone many notches higher.
In fact, Cisco's launch of its new CCNA Cyber Ops program with its Global $10 Million Cybersecurity Scholarship was a deserving response to current shortage of cybersecurity analysts. You may have the following question in mind!
What is the difference between CCNA Security and Cyber Ops?
I am frequently faced with this question. Here I am trying to present the Cisco's perspective as the answer to the question.
From the Cisco's perspective, CCNA Security and its certification path is typically concerned with 'Nuts and Bolts' of making your networks security using Cisco's devices, software and services. And job profiles which make cut to this domain are usually network engineer, network architect, network administrator etc as they are assigned with tasks related with the building, securing and maintaining the network infrastructure.
However, CCNA Cyber Ops and certification path (in future) is typically concerned with 'Guarding' of your castle. The is about every minute guarding of your networks and protection of your critical information assets and entails a 24x7 job of guarding against possible attacks and if any breach has happened, it requires ZERO-DAY DETECTION, if possible and quickest possible response to curtail the damages.
I hope you would like this article and leave me your feedback. You may also love to share this article among your contacts at Linkedin, Facebook and other social media platforms.
This article is written & published by Ms. Meena, Senior Manager - IT, at Luminis Consulting Services Pvt Ltd, India. She can be reached at Email: and/or Linkedin: https://www.linkedin.com/in/meena1