The Skills That Modern IT Security Requires

By Tejas Vashi

Both cyberterrorism aimed at creating widespread panic and alarm, and cybercrime focused on stealing of confidential information for economic gains are on the rise. The approaches used to hack or disrupt networks are growing in sophistication, building off of vulnerabilities introduced by user demands for mobile access, cloud services, and new applications. In response, IT and security professionals need to be more agile and must continue to sharpen their skills in order to stay ahead of growing threats and vulnerability types. As security threats continue to grow in complexity, scale and volume, a skills gap of IT professionals who can monitor, proactively analyze traffic for security threats and mitigate identified security incidents has emerged.

The 2014 Cisco Annual Security Report indicates a shortage of more than a million security professionals across the globe in 2014 alone. This means that most organizations do not have the people or the systems to monitor their networks consistently and to determine how they are being infiltrated.

At the same time, we have entered the era of the Internet of Everything (IoE), a world that brings things, data, processes and people together into a vast web of connectivity. All of these network-connected things have significantly expanded the attack surface, bringing additional security challenges to bear. Most organizations now realize that it’s not a question of “if” but “when” they will be under attack.

As such, IT security requires new skill sets in order to address advanced threats over a broader landscape. In particular, security analysts and investigator skills are becoming critical, in order to detect and respond to attacks in a timely fashion. In addition, security architects define how our security strategies, solutions and practices need to evolve to keep up with both the changing threat landscape and the changing business environment in light of the adoption of BYOD/mobility, cloud, big data, software-defined networks, IoE and the new breed of applications. Understanding threats and risks in this complex environment that spans multiple products, providers and users, and then determining solutions to appropriately manage the risks with investment protection, is very challenging.

Attacks can come from multiple directions, from both inside and outside the enterprise, so skilled engineers are also needed to design comprehensive detection mechanisms. Analysts and investigators must then comb through all the sources of information to find the needle in the haystack. These roles need the skills to identify malicious behaviors, correlate different activities that enhance the fidelity of the analysis and deal with false positives.

Key security skills that are emerging include:

These skills are needed now, but just as the threat landscape continues to evolve, so will security needs. Future skill sets will include the ability to automate security solutions to enable “Fast IT” — checking security health in real time and continuously in the world of DevOps, and continuous integration/delivery. IT will also need those who can develop self-service capabilities so developers, systems or network administrators are made aware of security issues and can address them on their own.

Future cybersecurity efforts will also need professionals who can continuously update operational playbooks for new types of threats, determine methods to contain balancing user impact and drive signatures, rules and intelligence back to security technologies. Tomorrow’s security pros will have to hone their skills to make sense of threat intelligence information, know what and how to apply in the environments they support and then do it.

Today’s IT security professionals face challenges unheard of even a few years ago, and those challenges will continue as the Internet of Everything expands and as cybercriminals create increasingly sophisticated attack vectors. This means that all businesses need to think about security as their mainstream business; every company is a security company. You might provide water to a major metropolitan city, but you are really involving technology and security in the delivery of that service.

There is a natural tendency to rely on IT systems to handle your core security, but that tendency is fading as breaches of companies’ security and the consequences of those breaches are changing and as liability and regulation increases. Organizations should recognize current threats and skills shortages as serious and begin to upskill current employees and seek out other professionals who can step into the new roles and keep their data safe.

Tejas Vashi is director, product strategy and marketing for Learning@Cisco within Cisco’s Services organization. In this role, he leads the product management team responsible for building and maintaining the comprehensive product portfolio strategy, establishing cross-company alignment with respect to education for Cisco’s products, systems, solutions and architectures, and establishing the global learning portfolio characterization to meet internal, partner, customer and industry training, certification and enablement requirements. He also leads the marketing function which is responsible for market research, global field and events marketing, promotions planning and communications.