Be the IT Hero in Your Organization with the Latest Cyber Security Skills
Despite the constant headlines about breaches and cyberattacks, security remains woefully underrepresented in organizations around the globe. The 2018 Global State of Information Security Survey (GSISS) from PwC finds that 44% of organizations do not have an overall information security strategy, 48% lack an employee security awareness program, and 54% do not have an incident response process in place.
What organizations need most today is an IT professional who has the cyber security skills to provide first-hand know-how and help navigate the increasingly complex risk environment facing businesses of all sizes. They need an IT hero with the following attributes.
Understand that risk management is critical
The GSISS finds only 44% of organizations report having a CSO/CISO-leading security strategy. And 75% say their IT and security departments are managed together. That means the opportunity is ripe for an IT professional with an interest in risk mitigation to take the security reins and demonstrate cyber security skills and leadership in this area.
Specific skills are necessary to be able to advocate for risk management. These include an understanding of NIST’s Risk Management Framework (RMF), a set of policy and standards for security. Becoming informed on RMF gives you the knowledge you need to help your organization assess risk and establish security documentation.
Advocate for cyber security culture and best practices
Another important attribute of an IT hero is taking the lead in advocating for a cyber security culture that is pervasive throughout the organization. In some organizations, employees believe security is someone else’s job. IT should be forging ahead with a message that security culture requires everyone to be invested in the company’s defense and protection. This starts with creating a strong awareness program for all users.
The IT hero should also be on top of the latest vulnerabilities and attacks plaguing business, and championing secure app development and the software development lifecycle (SDL). Security must be baked in from the outset of app creation, and development should be thinking about security at the start, not as an afterthought. The IT pro who understands the secure SDL could be the hero who prevents a headline-making incident from impacting their organization.
Have technical security acumen
This is where the rubber meets the road. Becoming an IT hero requires hands-on cyber security skills, including technical acumen, ability and practical experience with systems. While leadership and security culture are crucial, the IT pro who can demonstrate the skills to implement, monitor and administer IT infrastructure using information security policies and procedures is in demand and can make the difference between breached and protected.
Strong security is one of the most fundamental elements of a healthy IT strategy, yet it often goes underfunded and unnoticed in businesses in all verticals and of all sizes. Today’s IT heroes don’t wait to be asked. They jump feet first into leading the way to a more secure future.