Cyber-attacks are an ever growing threat in today’s tech environment
Evidence suggests that the demand for professionals with the requisite skills to detect, respond to and prevent cyber-attacks has never been higher. And it is likely to continue growing for the foreseeable future. In today’s Skills Revolution we explore the specific skills required to be a cybersecurity professional and how all companies need to be aware of the threats that exist.
With the new Directive on measures for a high common level of cybersecurity across the Union (NIS2) adopted on 16 January 2023, European Member States will need to have a coordinated vulnerability disclosure policy adopted and published by 17 October 2024. In addition, other ongoing legislative developments will also address vulnerability disclosure, with vulnerability handling requirements already foreseen in the proposed Cyber Resilience Act (CRA).
What exactly do we mean by cybersecurity?
Put simply, cybersecurity is the practice of securing networks, devices, and data from unauthorised access or theft. Given that almost all interactions we have with the online world are through software applications, networks and the cloud, it should come as no surprise that the greatest demand is for programmers who can ensure the security of each interaction to prevent a cyber-attack. Cybersecurity is a broad field and there are a number of entry points and career pathways. But the need for cybersecurity experts is currently outpacing the supply of qualified candidates.
What are the skills needed for a career in this field?
Abodoo have identified the following 8 key cybersecurity technical skills necessary for a career in cybersecurity:
1. Scripting
Scripting is a type of coding in which you make a program do something. The difference being that while coding is static, scripts can make images and text move around.
2. Controls and Frameworks
A cybersecurity framework provides a collection of best practices, policies, tools, and security protocols designed to help secure an organisation’s data and business operations. A control is a measure your company uses to protect itself from vulnerabilities and attacks.
3. Operating systems
As security threats exist across all operating systems, both on computers and mobile devices, a cybersecurity expert is required to have a solid understanding and working knowledge of MacOS, Windows, Linux, as well as their command-line interfaces.
4. Network Security Control
As many cybersecurity attacks take place across a network of connected devices, the same technologies that allow companies to collaborate can also lead to security vulnerabilities. To keep an organisation secure, a cybersecurity professional requires an understanding of wired and wireless networks, and how to secure them.
5. Intrusion Detection
Knowing how to use intrusion detection software—security information and event management (SIEM) products, intrusion detection systems (IDS), and intrusion prevention systems (IPS)—quickly enables a cybersecurity specialist to identify suspicious activity or security violations.
6. Incident Response
While prevention is the goal of cybersecurity, quickly responding when security incidents do occur is critical to minimise damage and loss. Effective incident handling requires familiarity with your organisation’s incident response plan, as well as skills in digital forensics and malware analysis.
7. Software Development & Operations
Security risks often exist within applications themselves. This has resulted in more companies adding a security focus to their software development and operations phase to help ensure that applications are secure from the start.
8. Regulatory Guidelines
Cyber security needs to protect an organisation from attack, theft, and loss, as well as comply with industry regulations. For an individual working for any company familiarity with General Data Protection Regulation (GDPR) is required. Additional regulatory requirements may be an industry specific requirement.
The ECSF (European Cybersecurity Skills Framework), additionally provides an open European tool to build a common understanding of the cybersecurity professional role profiles and common mappings with the appropriate skills and competences required. The ECSF summarises all cybersecurity-related roles into 12 profiles, which are individually analysed into the details of their corresponding responsibilities, skills, synergies, and interdependencies. It provides a common understanding of the relevant roles, competencies, skills, and knowledge required, facilitates recognition of cybersecurity skills, and supports the design of cybersecurity-related training programmes. There are also excellent educational programmes such as EIT Digital's Cybersecurity Master’s programme that are developing the next generation in Cyber professionals.
Further skills mapping can be carried out to analyse those individuals within organisations and regions who have the requisite cybersecurity skills and identify where the gaps exist. The pace of change is rapid, and this is not something that can be left to chance. We therefore encourage you to carry out a skills mapping audit within your own organisation to ensure you are not the next victim of a cyber attack.
By
Fiona Whelan
Abodoo Director of Education and Skills
Subscribe to this newsletter for weekly skills insights above
Who we are
Abodoo is a skills technology company transforming future learning and lives.
What we do
We provide governments and educational institutions, skills software and actionable insights that can bridge the digital divide, empower individual lifelong learning paths and ensure greater inclusivity for the future of work.
How we do this
We achieve this through mapping skills at a macro and micro level, recommending individual learning paths, providing access to unlimited educational providers, implementing an automated inclusive skills matching for marketplaces and giving actionable insights for future skills investment. All of our solutions can be integrated and provided in a white labelled capacity.
For more information: [email protected]
Book a Skills Meeting
Previous newsletters include
V14 The race between new Skills and AI has begun
V13 How can we better recognise the skills and talent of people with disabilities?
V12 What I learnt in Brussels on the Future of the Digital Skills Revolution
V11 The beauty of Brussel's Skills Vision
V10 Davos 2023 - Is it time to give up on Skills?
V9 Skills Taxonomy - Whats the importance and risk
V8 Smart Skills Investment brings Success
V7 Synergies between Skills and Remote
V5 2023 Year of Skills - What does it mean for you?
V3 How the Unity of Education and Industry can transform skills shortages
V2 Your gold is in a Skills Audit