Most of us have experienced the fear; that anxiety over becoming obsolete, disposable, replaceable. We can find ourselves 'out of the game', after a period where maybe family life took precedence, or we simply let the reins slip and lost focus. Becoming complacent in our careers makes it incredibly difficult to grow; we watch on as sometimes younger, more enthusiastic, skilled individuals take our roles. Without new, relevant skills, we tend to lose confidence in our abilities and our employability.
It is of equal importance as an employer, to offer staff training and development. Much research into employee satisfaction has demonstrated a clear correlation between staff engagement, and customer satisfaction. Foresee explores the undeniable results in a study of two dozen top retail brands. By investing in your workforce, your brand will be represented with professionalism and pride.
"Employers who take initiatives to increase the engagement of their client-facing workers are simultaneously taking steps to increase customer satisfaction".
In a People Management article, LinkedIn research found that employees who were offered skills development are 47% less likely to be stressed, 39% more likely to feel productive and successful, 23% more ready to take on additional responsibilities, and 21% more likely to feel confident and happy. The benefits to continuous staff training are clear, so isn't it time business invests in upskilling their labour force?
Training to be a cyber security practitioner
Cyber security is fast becoming one of the most desirable skills organisations worldwide are looking for, and a great example of wise employer investment. A recent survey by the Centre for Cyber Safety and Education suggested that by 2022, the industry will be faced with a shortfall of over 1.8 million skilled professionals. Business is investing more in the training of experts in this field than ever before, due to the consistently increasing threat of cyber-attacks. In January this year, The World Economic Forum (WEF) global risk report was released. It named cyber-attacks as the fourth most serious global concern, and data breaches the fifth. For two consecutive years, the WEF has named these in our top five, very real, global threats. And as our economy's thirst for technological growth ever increases, as does our exposure to cyber criminals and hacktivists.
With the fear of becoming the next victim of a cyber-attack, industries are on the look-out for digital experts to keep them protected. The Bureau of Labour Statistics has found that the growth rate for jobs in cyber security will have increased by 37% from 2012 — 2022 - much higher than the average in all other occupations. And yet there is a clear shortfall in adequately skilled cyber-security experts. According to CSIS, 82% of employers report a shortage of cyber security skills, with 71% suggesting this causes "direct and measurable damage to their organisation". So clearly the solution is for organisations to invest in and train their workforce in security best practices, or if Human Resource budgets allow it, hire new talents.
So what are some of the quick and easy ways to start improving your cyber security skills according to some of our instructors and Alumni?
- Go to your local cyber security meetups or community events. Bsides or your local city con (BruCon) are usually good events where you're able to exchange experiences with your peers and hear from local, and international experts on how they go about handling, and mitigating the latest threats and vulnerabilities.
- Participate in CTF's (Capture The Flag's). There's no better way to learn fast than to have to act fast and practice what you learn. There's a multitude of online CTF's you can partake in or find some in your area. It's not only a good way to meet other practitioners but a brilliant way to practice your skills.
- Read, Read, Read! The internet is full of valuable resources to help you improve your cyber security skills. Whether you're looking for the latest trends in digital forensics, or you're curious about some of the latest zero-days, you will find plenty to read online. But just make sure you always check your source for validity. A good place to start is some of SANS free resources, like our Reading Room and our Internet Storm Centre.
- An excellent way to gain knowledge and real hands-on experience is to take on an internship, or an apprenticeship. For those who are just getting started after school, college or university, it's always worth looking at working for free. But don't be put off; taking opportunities like this shows willingness, drive and eagerness to learn, and it demonstrates a work ethic that employers are looking for.
"maintain a positive attitude, even though sometimes you're going to meet some interesting people in the industry. It's easy to feel a little lost — but remember, people come into security from countless backgrounds, and there is a tonne of programmes out there to help you get started". - SANS Fellow, Stephen Sims
With increased staff development budgets, 2019 is the time to express your desire for workplace training, to seek out those skills gaps, and to offer your workforce fresh knowledge and expertise.
How to Level Up your cyber security skills
Many security professionals use SANS Level Up to pinpoint where they need to upskill and to get their hands on the resources to do so.
Working towards being an irreplaceable member of your cyber-security team is the aim. SANS Student Anthony Hassall understands how important it is to ensure you keep your training fresh, and to "stay in front of the curve because once you fall behind, you struggle". Steven Townsley is in agreement. When we look at the "threat actors that we're defending organisations against, they're constantly evolving, they're constantly changing. We need to be - not just keeping pace with them, but often being in front of them in that challenge".