Cybersecurity professionals are in demand, but how can cybersecurity skills be helpful for professionals not in the cybersecurity field? The experts at BrainStation share how cybersecurity skills can be an asset to software engineers, product managers, computer support specialists, IT technicians, and business analysts. Plus, can cybersecurity be learned in a course? We take a peek into BrainStation’s new, online Cybersecurity Certificate Course!
Meet the Experts:
Why is there such a heightened demand for cybersecurity now?
Jackie: We live in a time where data and information are some of the most valuable resources that one can have. There is power in data and information and people will go to great lengths to get their hands on resources that will give them an edge. Whatever the reason – there are many opportunities for data and information to be intentionally or unintentionally exposed, altered, or made unavailable. It is for these reasons that we need cybersecurity. There can be serious financial, legal, and reputational consequences if the confidentiality, integrity or availability of data and information are compromised and appropriate measures (i.e. cybersecurity) must be in place to protect our most valuable assets.
Ben: In 2021 and beyond, we’ll see more devices connected to the internet and more information stored online. While this growth has benefits for both businesses and consumers, it also means that data breaches will continue to increase in frequency. These breaches have serious implications for the companies involved and their customers.
Chad: The impact that these incidents have on individuals, companies, and even countries can be devastating and include major fines, loss of business and even real-world physical damage. That’s why cybersecurity has become so intertwined with our digital world.
Is it important to learn cybersecurity skills even if you are not working in the cybersecurity field?
Ben: Many people associate cybersecurity with IT, but it’s so much more than that! Cybersecurity needs to be a consideration in decisions made by people in management, human resources, finance and accounting, and beyond. The better people are trained in cybersecurity across an organization, the easier it will be to keep that organization secure.
Chad: Cybersecurity skills are a necessary prerequisite for all employees. It is akin today to being able to read and write or use a computer. There is also a difference between being just generally aware of cybersecurity issues and being skilled in them; it has become a competitive differentiator of knowledge across all fields.
Jackie: You can set passwords to protect your bank login, but if you print out your statements and leave them on your desk, anyone can walk by and see your private financial information. You can send encrypted emails to protect files, but if you download them and save them onto a public, shared drive that file is no longer protected. There are cybersecurity behaviors and measures we should all be privy to in order to adequately safeguard our systems and data in any situation.
Will learning cybersecurity skills make non-technical applicants more employable?
Chad: Absolutely and without question. Anyone can validate this by reviewing job descriptions and finding one that does not include a mention of security or risk management. A salary raise may be one benefit but more and more it is becoming an essential requirement just to ensure you are on the same level of other candidates or coworkers.
Jackie: It’s a great skill to have in your back pocket. Most people outside of the cybersecurity field don’t know of or understand basic cybersecurity concepts, so if you can bring that to the table, it will definitely make you more marketable. You don’t have to be an expert, but basic knowledge of cybersecurity will only help you. If cybersecurity skills is something you are bringing to your organization and you are making an impact, it’s worth having the conversation with your supervisor about a salary raise. Ask yourself, What will the company’s Return on Investment be if you are given that raise? What can you offer? If you can adequately show there is a business case for you to obtain a raise based on your newly acquired cybersecurity skills - then go for it.
How Software Engineers Use Cybersecurity:
Chad: Vulnerabilities in software are a leading vector that cyber attackers use to exploit systems. Software developers and engineers need to be aware of what makes secure code and following a secure Software Development Lifecycle is now a standard requirement. The costs of remediating faulty code makes it crucial to get it right the first time.
How Product Managers use Cybersecurity:
Jackie: Being responsible for a product over its entire lifecycle comes with a slew of responsibilities, including the security of that product. Knowing where the product has potential vulnerabilities and understanding what measures should be taken to protect it will make you and your product very successful.
How Customer Support Specialists use Cybersecurity:
Ben: Employees act as the eyes and ears for the cybersecurity department. If an employee notices strange behavior on their computer, they’ll often tell a support specialist about it first. Support specialists who can recognize potential cybersecurity incidents can make the difference in whether an incident is detected, saving precious time in mitigating the incident.
Chad: Computer support specialists are a common target for cyber criminals and therefore knowledge of how they can be exploited is crucial in the role. When helping provide support, support specialists also need to know what changes in systems could lead to a potential compromise.
How IT Technicians use Cybersecurity:
Jackie: IT technicians are often the people that configure the devices and software that are used at companies. A solid understanding of key cybersecurity processes like asset management and patch management will help IT technicians better perform their responsibilities and protect the companies they work for.
How Business Analysts use Cybersecurity:
Chad: Security does not happen in a vacuum and it is not free. Business analysts need to understand the implications of security decisions and weigh risks and costs. Understanding security and risk management allows for better decision making, building and designing security and cost efficient solutions. For a business analyst, the importance of understanding cybersecurity is probably one of the most underrated and appreciated aspects of cybersecurity.
Ben: Personal security hygiene – anything from recognizing a phishing email to understanding how to keep their accounts and devices secure. You should be able to understand the different cybersecurity threats facing people and organizations, and the techniques for mitigating them.
Chad: People need to understand how to avoid being a source of compromise for attackers. This means understanding that they can be a target of attack and knowing to avoid sharing sensitive information or by falling for phishing emails or malicious links.
Jackie: I would say there are two key items: safeguarding information systems and data from threats, and figuring out what constitutes a loss of cybersecurity, such as loss of confidentiality, integrity or availability of systems and/or data.
Which cybersecurity certifications should a tech employee pursue?
Chad: Certifications provide a valuable way to learn important skills. Becoming certified also demonstrates that you are committed to learning and have chosen to pursue a recognized and designed path to education. If you are pursuing cyber security certifications, it is important to research which area in the cybersecurity industry you are interested in because the cybersecurity field and topics are so large and the content covered in certifications is equally as large and diverse. A few good certifications such as the Certified Information Security Systems Professional (CISSP), Certified Information Security Auditor (CISA) or Certified Ethical Hacker (CEH) are recognized in the industry.
The Cybersecurity course at BrainStation is an excellent option for people who are interested in learning cybersecurity fundamentals.
Ben: BrainStation’s cybersecurity course covers the cybersecurity fundamentals needed to give learners a good base of knowledge in the field. Topics covered include the fundamentals of information systems, technology, and networking, as well as a look at cybersecurity threats, defenses, and how to approach cybersecurity from a strategic business perspective.
Chad: This course gives learners context for what it means to be secure and what is required to be protected. Students will learn how to identify the fundamental elements that make systems secure and the strategies that can be implemented to mitigate risk. They will learn that risk management is at the heart of cybersecurity and how to make smart cost effective business decisions to meet desired security outcomes.
What kinds of projects will students work on in the cybersecurity course?
Chad: Students will review real-life case studies straight out of the headlines to identify common cybersecurity issues. These case studies provide real world context to the fundamental security concepts we teach.
Jackie: In addition to the small group activities we have with each lesson, there is a final group project where students will take what they have learned from the entire course and apply it to a case study where they have to make a recommendation based on a security incident that has occured. It’s a very realistic table-top exercise that would prepare them for something they may run into in the future.
Is there an ideal candidate for Brainstation’s cybersecurity course? Does an applicant need to have a programming background?
Ben: All candidates are encouraged to join! Cybersecurity is something that anyone can learn about and benefit from. The course has been designed to be accessible by people coming from a variety of backgrounds, including non-technical backgrounds.
Jackie: Anyone with an interest in learning more about cybersecurity or even looking to break into the field would be a great candidate for this course.
Chad: A technical background, coding experience, and background in mathematics are the most common misconceptions about what is required to understand cybersecurity. These are absolutely not a prerequisite for a career in cybersecurity and they are certainly not a prerequisites to participate in the course.
Since this is an online cybersecurity course, what kind of teaching style can students expect?
Jackie: Our course is very interactive and includes many opportunities for students to work in groups. There are short activities for each lesson, so breakout rooms are created for smaller groups to interact with each other. There is also a final project where students are encouraged to work in groups of two or three. Each week, we take the concepts that we’ve learned that day and give the groups time to apply their learnings to the final project. We also have two instructors to provide more assistance to students if needed.
What tips do you have for incoming students on how to make the most of their cybersecurity course experience?
Jackie: Come with an open mind and desire to learn! This course is taught by industry leaders in the cybersecurity field so it’s also a great opportunity to network with people in the industry. Ask questions, thoroughly digest the information taught each week and find ways to apply it to your life. We have students that are existing professionals in the workforce and others that are just starting out. Whatever walk of life our students come from makes no difference — there’s an opportunity to apply cybersecurity to their personal and professional lives.
Ben: For those just starting out in cybersecurity, pay close attention to places where cybersecurity overlaps with your current skills. These may prove to be your gateway into the field.
Ben: Krebs on Security has been a go-to blog for me for many years. He researches and writes about interesting developments in cybersecurity, and is a great resource for people looking to get familiar with the field. I’d also recommend looking at ISACA, a professional association focused on IT and cybersecurity. With local chapters hosting events around the world (currently virtual!), they’re a great organization to get involved with for someone looking to grow their cybersecurity skills and network.
Chad: I would also recommend groups on LinkedIn. There are also a number of local security groups based on geography or industry. A quick search and you won’t be far from finding other like-minded individuals.
Jackie: The SANS Institute is a great resource for anything cybersecurity-related – from webcasts, white papers, and newsletter – there’s no shortage of reading material.
NexGenT breaks down everything you need to know about networking certs!
Everything you need to know to prepare!
How FourthBrain helped Jorge land a job at AWS