Job postings in the cybersecurity field have gone up 74% over the past five years. And US News and World Report ranked a career in information security analysis fifth on its list of best technology jobs. This ebook offers advice and resources to help those who want to succeed as a cybersecurity pro.
From the ebook:
Many enterprises report increasing difficulties finding skilled cybersecurity professionals, research shows. Some 55% of US organizations report that open cyber positions take at least three months to fill, while 32% said they take six months or more, according to a recent report from the nonprofit ISACA. And 27% of companies said they are unable to fill cybersecurity positions at all.
The shortage—expected to reach 1.8 million jobs by 2022—has led some organizations to turn to training internal candidates to take on these roles.
“There aren’t enough people in the industry to fill jobs, and CISOs acknowledge that they are hiring people who they know don’t have the right skills—they are taking whatever they can get,” Frank Schettini, chief innovation officer at ISACA, told TechRepublic. The largest issue for CISOs is guaranteeing that they can detect an attack and that they have the right policies in place to mitigate it.
Enter ISACA’s Cybersecurity Nexus (CSX) Training Platform, released in April. The program is the first of its kind, the nonprofit claims, and offers 100 hours of on-demand, real-world training to build technical skills that help staff combat real threats.
Most cyber training programs remain knowledge-based, Schettini said: An employee sits in a classroom or reads a book. But the CSX training labs place participants in real situations and are configured with real firewalls, web servers, database servers, and other tools.
“The person is doing a real thing—attacks are happening in real-time, and the person has to respond,” Schettini said. The program also offers an assessment tool: With each step the participant takes to mitigate a threat, they are given a score on how well they completed the task. Therefore, CISOs or hiring managers can see not only that the person passed or failed, but what areas they succeeded in and where they might need additional training.