FEATURE


cybersecurityeurope PAGE 34


IN DEMAND SKILLS...


2019


The demands made on the roles of cyber security professionals will change over the next fi ve years. Here are nine examples of current specialist and generalist competences...


1 Specialist skills 2 On-premises / cloud / mobile focus 3 Manual processes experience 4 End-user support skills 5 Technology/business focused 6. Threat Intelligence informed 7 Artifi cial Intelligence knowledge 8 Security software patching skills 9 Tech jargon savvy


Will the capabilities they now seek even be relevant in fi ve years’ IN BRIEF SECURE IT AS YOU BUILD


Other skillsets that will need to be absorbed by 2025 will be around how cyber security becomes woven into the ‘DevOps’ processes that will drive how organisations harness technology and data to thrive. This requires the adoption of a


monitoring and facilitating role for software updates and revisions – and thus playing a crucial part in pre- empting vulnerabilities or spotting/ fi xing them faster. Alongside their script and code-writing abilities, a cyber security professional will also need to perform as a reverse engineer, and be capable of tracking back into the code development


process to


discover fl aws, loopholes, etc. The shift to DevOps is about more than a new set of tech skills; it’s about a method of working and thinking that is very diff erent to the mindset of a traditional cyber security professional; and it will include culture adjustments within teams. Cyber security pros will need to employ more creativity in the job to respond to known problems with known answers, but to identify and solve new problems entirely.


has long been part of cyber security strategy programmes; but the amount and calibre of work organisations expect technology to take care of has grown hugely in recent years. While cyber security is by no means ready for ‘fl ip-switch’ solutions, recent advancements already promise the demise of manual, cut-and-paste tasks and the prominence of platform solutions that orchestrate certain processes across connected devices and given ‘attack surfaces’ (i.e., the sum of the diff erent points (the ‘attack vectors’) where an unauthorised user (the ‘attacker’) can try to enter data to or extract data from a secured environment). For professionals looking to remain relevant in this new era, amassing a working knowledge in such platforms


time? To answer these questions, it must be understood how the cyber security skills crisis is shaping cyber security itself. The challenge of answering, ‘What do we try to fi x today?’ is only getting harder. Cyber security teams often rely on manual processes to stitch together insights from many disparate tools and information sources. Given the resource burden and mixed results of those eff orts, it’s unrealistic to expect those skills to be fi t for purpose for an indefi nite period as we move forward into the 2020s. Similarly, with network security and operations managers who deal with near-constant or near-real time requests for changes to meet business needs, the scale and complexity in which these changes take place quickly maxes-out most available resources. To overcome the pressures placed on stretched security teams, and to offl oad data- intensive tasks, organisations are turning to automation. Automation


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53