By Jim Zimmermann
One of the “Big Four” accountancy firms made the news headlines in September 2017 following the announcement that they suffered a major hack of their systems and data. This demonstrated two things:
#1 Cyberattacks are not stopping any time soon.
#2 No one is immune – not even a Big Four firm that as part of its services offers cybersecurity consulting.
While we might debate what could or should have been done, the truth is it is imperative that every organization has a solid IT team or department proficient and fluent in the language and skills of information or “cyber” security. So pervasive and urgent is the threat, the cyber security professional is now one of the most in–demand jobs on the planet and demand is so large that it is estimated that there will be a global shortage of 2 million cyber security professionals by 2019. In the US alone, roughly 40,000 jobs for information security analysts go unfilled and employers are struggling to fill 200,000 other cyber-security related roles.
Rather than resigning yourself to this news and wondering how to find and attract such elusive personnel to your company, consider another option. The build your own, or DIY option, where you offer training and develop your own employees, equipping them with the required security skills. This not only supplies the organization with these highly desired people (who are already familiar with your company and culture), training has the added advantage of helping recruitment and retention.
Some might balk at this idea and struggle with how to get started, but there is an abundance of training and certification content on the market today and all pretty much available in a variety of formats, on multiple platforms. Mobile? Check. Quick 3-5 min. videos? Check. Longer, more in-depth courses? Check. Additionally, CompTIA and other internationally recognised training bodies have designed and established highly regarded frameworks for developing certified expertise in computer security and they cater to everyone from the entry-level novice to the advanced security practitioner. Is there the opportunity to study and prepare for these online? Absolutely.
But for a training program to be truly effective, you can‘t simply assign a day or a week to learning and development (L&D) and then assume that is all that is required. No. Because the underlying technology is in a constant state of change, organizations must dedicate time and resources to ensuring that your IT security professionals are always one step ahead and the hackers and “bad guys”. To achieve the desired result, and avoid or at least reduce the possibility of an attack, security training must be a continuous affair.
We’ve taken IT and cyber training seriously for quite some time now and have a comprehensive curriculum designed by and featuring some of the top IT security experts in the business.
Some of our most popular IT Security courses are:
- Information Security – Compliance content for the entire organization, train them on the basics of what they can do day-to-day or IT Security for End Users
- Certified Ethical Hackers (CEH) – you spoof actual hackers’ attempts to hack your network to discover vulnerabilities before a real attacker finds them
- CompTIA cybersecurity certifications (Security+, CompTIA Cybersecurity Analyst (CSA+) and CompTIA Advanced Security Practitioner (CASP)). CompTIA CSA+ is an internationally recognized professional qualification created to fill the gap in cybersecurity credentials and address the unique role of the cybersecurity analyst.
- Cisco certifications in security (CCNP Security or CCNA Security)
- ISC2 certifications (Certified Information Systems Security Professional (CISSP)
To learn more about how training is key, the secret weapon in the war on hackers, read Jim Zimmermann’s The Bedrock of IT Security: It starts with training.
Jim Zimmermann is a Senior Manager of Skillsoft’s Solution Practice and a Solution Principal – IT & Digital Skills.