Current Filter: Network>>>>>Opinion>

   

Despite hiring more IT security personnel than ever before, a new Lieberman Software study shows that many companies are still concerned that cyber attacks are evolving too quickly to keep up with. This is driven by the recent and rapid advancement in cyber-attacks which has rendered many traditional IT security solutions completely ineffective. Fortunately though, this provides a gap in the market for those interested in a career in cyber security.

For those thinking this way here is an insight into what someone considering such a career can expect: a day in the life of an IT Security Professional…

Cyber security covers a lot of ground and many different disciplines, ranging across basic technical support, auditing, IT, engineering, networking communication, as well as general presentation skills and the ability to effectively communicate with executives. Successful individuals deal with a number of these disciplines, not necessarily all of them; there are a lot of places one can go in the cyber security world.

As with any job, there are cons, including longer hours than other technology areas and a lot less room for error. Precision is vital, because an IT security professional must address areas affecting large swathes of the global financial and military community, be it directly or indirectly. However, the constantly evolving landscape of problems means that your brain is always busy churning out solutions and will never go stale!

The average day involves lots of customer interaction, whether they're clients of your business or the people you're trying to protect internally. You must be able to discover what is going on, determine how it happened and provide guidance regarding effective protection. This involves conversations about what can be done versus what should be done, and knowing the difference between the two. It also involves some aspects of sales, as everyone needs more time and money to find, fight, and fix. Ultimately, if your customers aren't on the front page of the Wall Street Journal you can breathe a sigh of relief.

The biggest challenge cyber security professionals face centres on people unwilling to change their behaviours. The professional has to prescribe process changes and technology changes which often require a fundamental redesign in the way people have approached computing and big data over the past three decades. If the professional backs down and prescribes a technology which doesn't really enforce a change for the better, they are causing the organisation to continue practicing poor security, but in a new way. Modern cyber-attacks are more intelligent and automated, taking advantage of lazy behaviour. You must convince your customers to act in the same way: to be automated, intelligent, and to break from bad behaviour.

If you are starting out, here are my three top tips:

• Understand the concept of acceptable loss. The bad guys are getting in and no amount of perimeter security protection can stop them. Intruders break into the network or are let in by employees and contractors.
• Don't put down the book just because you are certified or obtain a degree. The person who stops testing their abilities and learning will never succeed.
• Know yourself and your enemy - Sun Tzu: "If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle."

Hackers are unlikely to retire any time soon, so if you have an interest in technology, make the most of it by becoming a modern day cybercrime-fighting hero! NC