Working in the cyber security industry
One of the ways in which STOP. THINK. CONNECT. - which describes itself as “the global online safety awareness campaign to help all digital citizens stay safer and more secure online” – works towards achieving its aims is by inviting participating partners such as ESET to offer tips and advice in the course of its frequent Twitter chats.
On October 20th, the subject of one of these events was recognising and combating cybercrime. These generally take the form of commentary from a wide range of organisations in response to specific questions.
What are some examples of cybercrime-fighting careers, and what skills are needed for a cybersecurity job?
Not that I have a secret yearning to launch a new career in careers counselling, but I do actually get asked to give such advice quite a lot, probably because people think someone as old as I am, after 30 years or so in or on the borders of the security business, must have something useful to say.
The questions we were asked were as follows:
- Can you provide a rough outline of what cybersecurity has come to mean as a discipline and a career? How has it come to be incorporated into the larger fields of IT and computer science/programming?
- With that in mind, what should we be teaching the next generation of IT and computer science specialists about cybersecurity?
- On a practical level, what does the day-to-day work of cybersecurity look like, and what kind of person/personality is well suited to this kind of work?
- What kinds of coursework and practical training should students look for in an advanced degree in cybersecurity, and what kind of experience outside of the classroom is helpful in cultivating expertise in the field?
- How did you get into the field, what drew you to it, and how have you seen it evolve over the last decade or so?
- What are employers looking for in cybersecurity hires and how should someone who's aiming to enter the field prepare him or herself?
- What should we be teaching the next generation, and even the current generation of information security specialists and technicians, both in terms of skills and ethics?
- How is the interplay between government policies, technological innovations, economic forces, and social dynamics impacting the evolution of cybersecurity, and what are the biggest factors shaping education and employment in the field?
- From your perspective, what are the one or two biggest misconceptions that people seem to have — even people “in the know” — about cyberattacks, malware, and information security?
Those seem to me to be questions that may well interest people contemplating a career path in security, and if nothing else you'll get a wide range of viewpoints.