At one time, the IT department was perceived as a back-office support function. Unlike the sales or marketing departments, there didn’t exist a direct correlation between IT spending and revenue. Today’s enterprise operates in a different landscape. Executives now view information as a competitive advantage and the IT department as the driver of innovation and growth. With the rapid adoption of cloud computing, the role of IT professionals is starting to shift from a builder of technology to a broker of external services. Combined with new cyber threats, the skills needed to be successful in IT are changing rapidly.
For years, IT leaders have complained of a shortage of skilled IT professionals. This skills gap is so critical that it is beginning to have an impact on the security of enterprise data. For IT workers who are willing to invest in their own skills, however, this presents an opportunity to become even more valuable to their employers. A recent survey from the Cloud Security Alliance asked IT leaders which IT skills they believe will become more important over the next five years. Below are the top skills, ranked by the number of IT leaders who predict they will rise in importance over that period, along with tips and resources to help you improve these skills.
1. Incident response management
80.4% of respondents named this as a skill that will become more important or much more important. In a previous post, we explored how to respond to a data breach, which included creating an incident response plan, understanding where the most sensitive data resides, building a crisis communication team, assigning specific tasks to individuals, and running practice drills so that everyone on the response team understands their role.
It’s one thing to learn from your own mistakes, but with data breaches it’s better to learn from others’ mistakes before you make your own. This means examining the worst data breach responses as well as the best ones.
But the key to incident response isn’t just related to the skills of individuals. Incident response is an organization-wide activity which involves members from several departments. Therein lies the difficulty of improving this particular skill. At the individual level, it’s a combination of having skills such as agility, responsiveness, attention to detail, critical thinking, and leadership. At the team level, it requires collaboration, patience, persistence and having good team chemistry led by a competent leadership team. And it often requires communication with non-IT departments (see more below).
The incident response team and the subsequent management of the incident will likely be as good as the weakest team member, so the makeup of the team, the training they receive, and their ability to collaborate and cooperate under duress will play a large role in the outcome of an incident response.
2. Analysis expertise with very large datasets
In 2010, Eric Schmidt made the bold claim that every 48 hours, people generated as much data as we had from the dawn of humanity up to 2003. Data, however, is useless without the skills to analyze it. So what skills are required to perform analysis on large datasets? This is where data science becomes relevant. Most data scientists start out with an academic background in either statistics or computer science. Data science, however, operates at the intersection of statistics/mathematics and computer science, which means one needs to be proficient in both to become an effective data scientist.
Data scientists need a solid understanding of database management, the scripting languages to query data, as well as the ability to use open source technologies, such as Hadoop and its processing system called MapReduce, for data processing. Many so-called “big data” technologies are built on Hadoop. Whether you run your own Hadoop clusters in your data center, or leverage big data solutions from cloud providers such as Amazon, the ability to use these tools to manipulate and understand data will be increasingly important in the coming years.
Both MIT and Coursera provide online courses for those interested in advancing their careers in data science, including The Data Scientist’s Toolbox created by Johns Hopkins University, Master Algorithmic Programming Techniques created by UCSD, or Coursera’s 9-course intro program to data science, which includes courses about R programming, data cleansing, regression modeling, and machine learning.
3. Communication with non-IT departments and executives
This is a skill that applies to all disciplines, not just IT. It becomes especially important, however, for IT and IT security professionals since their work involves a lot of technical details that don’t have an easy-to-understand analog in other departments.
Imagine you work at a large bank within the IT security department and you’re in charge of threat detection and remediation. You discover a server-side polymorphic attack, like Carberp, on one of the computers. Your malware detection system has the signature of the malware so you’re able to catch it before it can steal customer banking credentials. Two days later, however, a large cache of user credentials has been put up for sale on the dark web. When the CEO asks how this happened, you must be able to distill the technical details into layman’s terms. You can either say:
“Polymorphic malware has the ability to change its signature constantly, so while the first iteration of the malware was detected because we had that signature, our anti-virus system didn’t have the other signatures, so we couldn’t detect the virus in time”
Or you can say:
“The infected user’s computer sent registration information to a command & control server (which is a computer that gives orders to botnets and receives reports from the infected computers), at which point the polymorphic generator generated a new piece of the malware that’s re-packed/re-encrypted with a randomly generated key.”
Both are equally accurate, but the former is far easier for someone without a technical background in polymorphic malware to understand.
The ability to effectively communicate with those who aren’t well-versed in a subject is something you can develop over time. It usually starts with learning to be a good listener, seeking speaking opportunities where one can discuss a technical topic in front of non-technical individuals, or volunteering on projects that involve cross-departmental collaboration. These universal skills can help any IT person better understand the perspective and objectives of the line of business.
4. Ability to write code and application development experience
While most IT and IT security professionals aren’t required to be full stack developers, it’s important to understand some level of programming and be able to write scripts as needed.
Codecademy is arguably the best place to start to learn coding. Free Code Camp is another online service that beginners can use to learn to code. The great thing about Free Code Camp is that it gives you the opportunity to build a portfolio by working on large projects for non-profit organizations to get real-world coding experience.
Other resources include:
Another option would be to join a coding boot camp. These months-long on-site programs are becoming increasingly popular and producing successful coders. Here’s an exhaustive list of coding boot camps.
5. Security certifications
There are a lot of certifications available that can help IT security professionals stand out. Two of the more common ones are the Certified Information Systems Security Professional (CISSP) and the Certified Information Security Manager (CISM). Certified IT security professionals tend to earn more than their non-certified counterparts.
CISSP is more useful for the practitioners of cybersecurity. It tests the technical understanding of day-to-day security activities, which include network security, security engineering, risk management, and application development security. CISM, on the other hand, helps one become better at creating and managing security programs. CISM-certified professionals are better equipped to be security managers and usually have an in-depth understanding of risk management.
Those looking for an entry-level certification might find CompTIA’s Security+ certification valuable. Those individuals who are in advanced stages of their career will find the Certified Cloud Security Professional (CCSP) highly valuable given the growth of cloud adoption and the lingering security concerns around cloud computing.