What skills make a good a cyber security professional? The Frost and Sullivan (ISC)² Global Information Security Workforce Study 2015 addresses this issue. The top four are:
The report lists a total of 12 skills or areas and Learning Tree’s courses cover the majority of them (of course). In fact, the security course I co-wrote covers much of the first area.
This week, I’d like to discuss two areas: communication and awareness of current threats.
Communication is one of the most critical areas in all technical disciplines. Most of us can relate to the stereotype of the techie who cannot communicate with non-techies at all. This is the man or woman who uses lots of jargon and seems to obfuscate even the simplest of topics. I knew many of them when I went to graduate school… I was blessed to have a mother who was an English teacher and a father who motivated me to participate in theatre and public speaking activities at an early age; not everyone has had that experience.
Few will argue that one needs to keep up with the technology, the security field and the latest threats (the other three of the first four skills), however many remain complacent in their abilities of communication skills. One needs to keep those skills current, too. Practice is critical to doing that, which is part of why I contribute to this blog, write and teach for Learning Tree and speak at conferences. I also attend conference sessions, webinars, and courses on communication. All professionals need to do that. I would be remiss if I didn’t share some of Learning Tree’s offerings, but I urge you to also make use of conferences and other opportunities to learn these essential skills. While Learning Tree has additional courses in the communication field, these three are particular applicable to cyber security professionals.
The second area is current threats. While I try focus on some of those in my posts to this blog, there just isn’t enough space to dedicate to that topic alone. I wrote about this a couple of years ago. My advice then, is still good today.
I was recently asked about podcasts. Because I read fairly quickly, and because my office is at home, I seldom listen to podcasts. Because of that, I generally don’t think of them as a resource. The Infosec Institute published a list of security podcasts earlier this year and you might want to listen to some of them. If you do decide to listen to some podcasts, I recommend speeding them up for a better listening experience. Windows Media Player allows Play speed settings in the Enhancements menu.
Choose the best methods for learning about current threats, but please do so: it is clearly an important skill.
Being a lifelong learner is clearly important as the (ISC)2 report makes clear. Please let us know in the comments below about other sources you’ve found for continuing your security education.
To your safe computing,