CC SM An Certification Certif ied in Cyber secur ity Insider Tips: How to Build Your Strongest Cybersecurity Team
Who Are the Next Leaders on Your Team?
Cybersecurity Team Building with Certification
About (ISC)2
The Need for Tougher Cybersecurity
Inside
Be a Cybersecurity Career Advocate
1 2021
The Need for Tougher Cybersecurity Cybersecurity Workforce Study
Even as the imperative for tougher cybersecurity presents new challenges, a majority of organizations surveyed (84%) report a shortfall in skilled personnel. That jibes with other industry research that shows the cybersecurity workforce requires a substantial influx of 2.7 million professionals to meet global demand.1
Organizational and information security leaders must build stronger cybersecurity teams. Now is the time to bring tomorrow’s cybersecurity leaders on board for a safer, more secure future.
Organizations worldwide are grappling with expanding attack surfaces that make them more vulnerable, according to the Cyberthreat Defense Report by CyberEdge. Cybersecurity teams already stretched thin are now tasked with protecting more employees working at home, securing more software in hybrid and multi-cloud environments and building better security into web applications.
Cyber resilience should be top priority across all industries everywhere. The need is immediate. More than three-quarters of cybersecurity professionals say it is somewhat or very likely their organization will be successfully attacked in the coming year.
Make It Priority No. 1
Cybersecurity teams must stay in front of evolving threats, including the rise of double extortion ransomware, which not only encrypts data but exfiltrates it to the web where it can be published. And that’s just one example of the emerging dangers.
Bad actors continue to develop phishing and social engineering campaigns to acquire credentials, plant malware and leverage human vulnerabilities to advance their agendas.
Responding to the shortage of available talent, organizations are changing the way they hire and train their cybersecurity teams. They’re relying less on the search for cybersecurity “all-stars” with years of experience and deep technical acumen and are instead investing in entry-level team training and professional
yourself, do you honestly need a rock star unicorn?” Susanne Tedrick, Principal Infrastructure Specialist, Azure for Sports at Microsoft, and the author of Women of Color in Tech, tells CIO.2 “They likely don’t exist. And if they do, it’s going to take a long time to find one and you will pay a lot of money.”
“One of the key value-adds of promoting from within is that you get someone who understands the systems you have, the applications you use, your network and your users,” says Matt Radolec, Senior Director of Incident Response and Cloud Operations at Varonis. “They might also be passionate, invested in your business and keenly aligned to your mission. You just can’t replace that. Not quickly.”
Nov.
Who Are the Next Leaders on Your Team?
2 Wood, Christina. “Promotion Tips: How to ‘Hire from Within.’” CIO Magazine, 18, 2021
“Startdevelopment.byasking
Look inward. Talent already exists inside your organization. Start by working with team members you know and trust, who already understand your systems, processes and culture. Identify candidates with the entry-level skills cybersecurity professionals say matter most: analytical thinking, problem solving, ability to work on a team and creativity.
38% 53%55% 116%21%6% 12% 21% 8% 14%19% 6%
Scout for Potential Companywide
Untapped future cybersecurity talent at your organization likely exists where you least expect it. Look for individuals not just in IT but across your organization who understand how data moves through the enterprise and are likely to add value when it comes to developing the policy and controls to help defend it.
Started in IT then transitioned to cybersecurity
Experience is optional. Today more than half of cybersecurity professionals entered the field outside IT, transitioning from unrelated careers, getting their start with cybersecurity education
Gen Z / Millennials (<39) Gen X (39-54) Baby Boomers (55+)
Started in another field then transitioned to cybersecurity
Explored cybersecurity concepts on my own and was recruited for a job in cybersecurity
and exploring cybersecurity concepts on their own.3 People with the potential to thrive in cybersecurity don’t need a lengthy checklist of technical skills, degrees and certifications to succeed –they just need the opportunity to start their path.
3 2021 Cybersecurity Workforce Study
Pursued an education in cybersecurity or related field then got first job in cybersecurity
Pathways to Cybersecurity Careers
Make cybersecurity career opportunities available to everyone in your organization, especially those looking for advancement. Consider creating a shadow program to help assess if a cybersecurity role is a good fit for candidates.
1. They’re Ready to Start from Scratch – Many cybersecurity career pursuers are undaunted by the fact that they’re unsure what to expect the first day on the job. They plan to start from scratch and work their way up.
4. They’re Cyber-Aware – Many cybersecurity candidates are aware of the prevalence of threats and ongoing security issues, including phishing, ransomware, malware, intrusion detection, cloud security, user behavior and threat detection.
5. They’re Confident and Motivated – Cybersecurity team candidates are eager and passionate about entering the field and ready to make an impact.
4 2021 Cybersecurity Career Pursuers Study
Organizations must strategically plan when assigning initial responsibilities and offering on-the-job training to invest in cybersecurity team development. Research shows mentoring, access to training, education and certification are critical to growth, confidence and longevity in the profession.4
3. They Expect Challenges Ahead – Candidates expect to work hard at learning on the job and performing their role. They’re ready for the challenge of keeping up with evolving threats.
Be a Cybersecurity Career Advocate
2. They Need Training – Cybersecurity team candidates anticipate the need for on-the-job training to become proficient at assigned tasks. They also look for assistance from their employers as they pursue professional education and work to earn cybersecurity certifications.
In addition, understanding the following five common attributes candidates often have in common will help you guide them as they start their cybersecurity careers:
No cybersecurity work experience or formal education/degree is required to take the exam. This would put the candidate on a career path to earning other advanced (ISC)2 degrees like the Certified Information Systems Security Professional (CISSP) and the Certified Cloud Security Professional (CCSP), which require experience in the field. Pursuers Study
Cybersecurity Team Building with Certification
The new entry-level cybersecurity certification from (ISC)2, the global leader in information security credentials, prepares candidates – including students, prospective employees, entry-level
Certified in Cybersecurity helps organizations like yours fill the cybersecurity workforce gap and build a stronger line of defense.
Introducing the ultimate starting point for the next cybersecurity leaders on your team — Certified in CybersecuritySM certification.
5 2021 Cybersecurity Career
Cybersecurity professionals say the most important way to enter the field successfully is through certification.5 They point to certification as an achievement and a proof point to their employers, peers and themselves that validates their skills.
professionals and career-changers – to start their path toward cybersecurity leadership with the key foundational concepts in information security, determined by cyber experts and practitioners working in the field.
Certified in Cybersecurity certification is ideal for: • IT professionals • Career-changers • College students or recent graduates • Advanced high school students or young professionals What’s Covered on the Exam View Exam Outline Domains Average Weight 1. Security Principles 26% 2. Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts 10% 3. Access Controls Concepts 22% 4. Network Security 24% 5. Security Operations 18% Total 100% Number of Exam Items Administration Time Attempts to take the exam* * Through 2022 candidates who purchase their exam voucher with official training will have two opportunities to pass the exam.
About (ISC)2
(ISC)²® is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, more than 168,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education™. Learn more at www.isc2.org or follow us on Twitter or connect with us on Facebook and Linkedin.