We are in a state of deep technical debt in security, and there’s no hiding it. Almost all of the threats our peers were warning management about a decade ago are now the realities we face on a daily basis. Because security wasn’t seen as essential — and because the pipeline wasn’t created in colleges and universities — we’re facing a hiring shortage today. Perhaps most importantly, since no education can prepare a student for the real world, training is our only option to fix the problem.
Only a few organizations can afford to pay the salaries required to hire the top talent in our field. The rest of us need to train people internally and help our new hires develop the skills we need them to have. Using training and promotion as an incentive to hire and retain employees seems to be a logical solution — even if it’s going to take long-term planning to make it effective.
Tag: training
Infosec Skills Gap
[exif id="24333"]
Ricoh Danielson is a U.S. Army Combat Veteran of Iraq and Afghanistan and founder of (Fortitude Tech LLC). Problem statement:
There is a huge demand for infosec professionals but at the same time, many aspiring security personnel are unemployed and left to the wind due to the fact that employers and companies don’t allow them to obtain the skills needed through on-the-job training. This is what some refer to as the “skills gap.”
It's not just the novices that are suffering through this. Many experienced workers who are looking to learn a new area of infosec are also caught in this trap. Solution statement:
Noting this gap, I took the initiative to start up EXXOTeck Training out of San Jose. There, I am bridging the gap for underemployed, unemployed, and/or learning adults who are seeking to gain real-life skill sets in cyber security. In line with market demands, we’re providing hands-on experience by bringing in world-leading experts from Cisco, AWS and other services providers to help students connect the dots.
The industry needs much more of this.
These hands-on experiences can range anywhere from creating a network and peer-conducted penetration testing to studying companies and reviewing their defensive postures. Many times, students will find themselves in a scenario where they are either conducting a security assessment or acting as a CEO. Consequently, students can learn what it means to do the job of a cyber security professional and to know what overall business impact this type of work might have.
