The cybersecurity talent shortage is real, and it’s an all-hands-on-deck moment to overcome it. Yet many people who could be well qualified to take on the diverse roles that cyber needs are daunted at the prospect – if they don’t have the deep math or science background commonly associated with this field.
In reality, there are a broad variety of job roles associated with cyber, and some common traits among people who do well at filling them: a strong interest in the subject, good problem-solving skills (doing crossword puzzles counts!), pattern recognition, critical thinking and a love of lifelong learning. Sound like you? Then you can do it.
My own career as a Cybersecurity Architect in Cisco’s Trust Strategy Office was inspired by observing a hacking exercise aimed at bypassing the security controls protecting a proprietary system. One of the memorable hacking tricks used was social engineering – getting people to innocently give out personal data that is then used to attack them at work as a way into their employer’s systems. I was hooked! I undertook an earnest self-study campaign that included revisiting some principles from old graduate courses I’d taken (yes, I had started as an engineer), pursuing networking and security-related certifications (CCNA, CCNP, CCIE, CISSP), reading, researching and developing “ethical hacker” skills.
In the course of doing all that, I decided to start working with students to help them learn about cyber threat. I have a natural love of teaching, and like to develop curriculums that incorporate STEM in a non-intimidating way. I started a cyber-club affiliated with a local college, North Carolina A&T State University (we’re the Aggie Defenders!), and eventually enlisted students in non-technical degree programs to join a multi-school cyber-competition. An added bonus – about 30% of them took internships at Cisco, building up our talent pool!
Club members learn through reading, sharing what they learn, and using a variety of freely available online tools that hone their skills and help them understand how hackers think and work. You see, most hackers aren’t deep techies either; they learn to use certain tricks and techniques, and leverage readily available online information, to catch people off guard. By understanding common methods hackers use to “get in” and learning how to investigate exploit methods, club members, or anyone committed to trying, can get started on a cyber-career path.
Hack the Box is a great online platform to help you try out your skills, conquer progressively harder hacking challenges, and exchange ideas and methods with members worldwide. Splunk (in partnership with Cisco) offers free threat hunting tools; there’s plenty of free online information about how to make use of them too. YouTube offers many free videos that explain ethical hacking techniques – just search on terms “thinking like a hacker” or “easy to learn hacking tools.” There are many cyber-clubs associated with local high schools and colleges. And of course, read up on the many breaches in the news; understand not just the breach, but the attacker. What was the vulnerability? How did they get in? What is the people aspect of the attack?
All of these tools will help you gain a good cyber foundation. Once you have that, there are a lot of job options to pursue. At Cisco, we’ve formalized our roles and requirements into a breadth of analyst and quality assurance-type positions. Some of those are definitely entry level. While the titles might seem intimidating to those from non-technical work backgrounds, don’t be put off! Pursuing one of these jobs comes down to communicating what you actually do every day, so learn to explain that – and how your experience to date, from clubs, online learning, self-study and trial-and-error, are directly relevant to a position you’d like. Given the newness of the cyber field, it’s very common to learn and grow on the job; teamwork and collaboration are especially important here. We don’t know where threats will take us tomorrow.
I want to encourage anyone – students, Veterans, non-technical workers or those in other technical fields – who finds what I’ve said here intriguing, to give it a shot. If you are an undergraduate or graduate college student interested in gaining on-the-job cybersecurity training and experience over the summer, find interesting opportunities at: https://www.cisco.com/c/en/us/about/careers/working-at-cisco/students-and-new-graduate-programs.html. And those already in industry, stay open to the passion and potential of newcomers: create training and apprenticeship programs that include learning pathways for IT and non-IT individuals. Help change the perception that technical fields are difficult to master, and encourage development of the people you need to keep your business safe. With no sign of cyber threat slowing down, an inclusive, diverse and inspired workforce is critical to our economic survival.
To learn more from others in the field of security, visit www.cisco.com/go/bridgethegap
This is an article I am posting to my social media and will be using this when I speak to middle/ high school and college students.
Thanks for your insight
Very inspiring article for those budding cyber security professionals.
This is a great article. I have been pursuing a CCNA certification because I have been thrust into a Security role. I found an intriguing Cyber Security Associates degree program at my local Community College that is sponsored by Cisco. The tools for developing these skills are impressive and generally available. I've found the official Cisco Curriculum resources to be especially beneficial but I have also utilized the Sybex resources and find these resources enhance my understanding of the Cisco technologies. All in all, working toward this goal has had the benefit of improving my performance at work. In the end, that's what's really important.
Hey Lonnie,
Great story and I too would encourage everyone curious to jump in and give the cyber space a shot. Thanks for sharing!
I cant agree more. People are the weakest links of any security system. We need more expertise from the humanities to help understand the "Science" of social engineering.
Lonnie, thank you for sharing your story. I am inspired by your story and this was encouraging for me. I do security testing in my current role and always looking for ways to better myself.
Thanks!
Wp
GOOD DAY, NICE ARTICLE, I WILL LIKE TO SPECIALIZE IN CCNA CYBERSECURITY