Are new security specialists starting at a disadvantage?

Lumeta's Sanjay Raja lines up for a Security Slap Shot on how the current pathway into security puts people at a disadvantage

Are new security specialists starting at a disadvantage?

Two decades ago, if you told someone you were going to focus on security, you might get counseled on the risk of your career choice.

At least, that’s what happened to me.

I was told I was going to limit options and instead needed to focus on growth areas like desktops and networking. Back then, security was an all-encompassing term. Over the last few decades, security has captured headlines and created the need for more … solutions, approaches, people … you name it.

In the process, security has gotten more specialized, too. And while that’s generally a good thing, I’ve noticed a number of us note our pathways forced us to develop more well-rounded skills. People seeking to enter the field are forced to choose their niche, sometimes before they even understand what it means.

Sanjay Raja (LinkedIn), chief marketing officer of Lumeta, takes a shot to explain why this puts newcomers at a disadvantage. Sanjay brings over 20 years of experience in cybersecurity and networking, specifically focused on network security, network forensics, threat detection and response, SIEM, security testing, and cloud and virtualization Security. Sanjay is a CISSP with a B.S.EE and an MBA from Worcester Polytechnic Institute.

And here’s his Security Slap Shot:

The more concentrated skills of today’s junior security specialists put them at a disadvantage.

Every day, there’s a new article about the security shortage and skills gap. But few of these articles discuss the contrasting career paths of veteran security pros and the junior security specialists of today, and how that contrast is responsible for many of the industry’s struggles around gaps in skills.  

Today’s seasoned security professionals come from a bygone era where they started out as network practitioners, working their way through different areas of IT (data centers, network architecture, sysadmins, etc.) prior to becoming a cybersecurity professional. The traditional career route of yesterday gave veteran security pros a holistic understanding of how security practices and architectures are dependent on the network and that real-time network context is core to detecting threats and speeding remediation.

This holistic understanding has proven beneficial as security professionals go up against cybersecurity adversaries who have themselves gained a comprehensive knowledge of the network through their attempts to compromise IT systems in multiple ways.

Nowadays, most junior security professionals come right out of college with a baseline security foundation as they enter the workforce, but they lack that foundational and practitioner knowledge of the networking side of things. This trend is causing real-world challenges for security operations center (SOC) teams. What can organizations do to alleviate the strain on its security professionals, better protect the business and—most important—build a better SOC team?

My advice is to look for a broader skillset. If we can learn anything from the career paths that many current security pros took, it’s that going the pure-play security route with little network knowledge or practice often isn’t optimal for a junior security analyst. Be open to tech talent from other areas of IT, especially with hands-on network and desktop/server experience.

Secondly, invest in post-degree training in networking. Participating in hands-on labs and workshops will help junior members augment the security skills they learned in school with a better understanding of the network fundamentals.

And finally, invest in technology that provides better network visibility and context. Since the professionals on your SOC team won’t be able to augment their skills overnight, one thing that will bring about change more quickly is to invest in tools that help with providing the knowledge about the network to fill in that skills gap. That extra context combined with better automation can help junior security analysts and IT members better see the correlation between security events and the network impact for better identification and remediation. 

My analysis (some color commentary)

While no pathway is far from ideal, it is time to focus on offering multiple pathways into the security field. It also means clarifying continued opportunities for training and development. Ways to ensure the folks we hire get the well-rounded experience and understanding necessary to elevate and advance the security industry.

Your turn—react!

What was your pathway into security? Do you think people breaking into the field now are at a disadvantage? What are the key lessons from the last few decades to help define better pathways into security today?

Take it to twitter to talk about it with me (@catalyst) and others.

Ready… set.. REACT!


Copyright © 2017 IDG Communications, Inc.

How to choose a SIEM solution: 11 key features and considerations