Challenges for the Next Generation of Cybersecurity Professionals - Matthew Rosenquist
Matthew Rosenquist, Cybersecurity Strategist, January 2017
Cybersecurity may be fought with technology, but it is people who triumph.
We must invest in the future generations of professionals who will carry on the fight.
Agenda
Introduction
Future challenges in cybersecurity drive demand
Industry best practices and perspectives
Cybersecurity industry workforce opportunities
Needed skills, training, and student resources
Questions and Answers discussion
Biography
Matthew Rosenquist
Cybersecurity Strategist and Evangelist, Intel Corporation
25 years in the field of security, specializing in strategy, threats, operations, crisis management, measuring value, communications, and establishing strategic organizations which deliver optimal security capabilities.
As a cybersecurity strategist, he champions the meaningfulness of security, advises on emerging opportunities and threats, drives industry collaboration, and advocates a sustainable balance of cost, controls, and productivity across business, governments, and academic sectors.
• Consults globally to governments, academia, business, and cybersecurity professionals
• Built and managed Intel’s global Security Operations Center
• First Incident Commander for Intel’s worldwide CERT
• Managed security for Intel’s multi-billion dollar worldwide M&A activities
• Overseen internal platform security products and services
• Strategic planner for the Intel Architecture security playbook
• Unified synergies forming the 3rd largest global security product organization
• Conducted investigations, defended corporate assets, established policies, developed strategies to protect Intel’s global manufacturing
Matthew is an outspoken evangelist and advocate of cybersecurity who delivers keynotes, speeches, lectures, and has a significant social following of security technologists and global professionals.
Twitter: @Matt_Rosenquist
LinkedIn Blogs: https://www.linkedin.com/today/author/matthewrosenquist
Future Cybersecurity Challenges drive demand
Security Industry Needs Leadership
“...If security breaks down, technology breaks down”
Brian Krebs, Noted Cybersecurity Reporter
Innovation Drives Risk Convergence
New technology bridges the virtual and physical worlds, to connect and enrich people's lives
Rapid Shift of Skills in the Industry
Needed skills will change over time, as security, privacy, and safety evolve.
Strategies will evolve, to expand what is possible, in order to align with shifting expectations.
The next generation of security professionals must understand and be able to contribute to the delivery of best-known-practices.
Evolving Landscape, Adversaries, and Battlefield
• 29 countries: Have formal cyberwarfare units
• 63 countries: Use cyber tools for surveillance
• $19 billion: US 2017 proposed budget for cybersecurity
• $6 trillion: Cyber-crime impact globally by 2021
• 200% increase: In cyber-crime in the last 5 years
• $3–$90 trillion: Aggregate innovation impact of cyber-risks by 2020
Attack Difficulty (figure axis, Hard to Easy)
IMPACT GOES FAR BEYOND
• Cybersecurity costs typically measured as part of an incident
• Actual costs of long term impacts including lost contract revenue, operational disruption, devaluation of trade name, loss of IP, rises in insurance premiums, increased cost to raise debt, customer relationship impacts
% COST: ~1%*, ~99%
Source: US Tech Manufacturing Company Case Study, Deloitte
• 35% US population: Healthcare records exposed in 2015
• 400k New Malware/Day: 575 million unique samples of malware exist
• +2 Billion Users: 4 billion users online by 2020, up from 2+ billion today
• 50-200 Billion Devices: Connected to the Internet by 2020
• 25+ Million Applications: Connected by 2020 creating 50x the volume of data
Changing Digital World
• More Users: Growing Number of Users: 4B connected people
• New Devices: New Device Types: 50-200B IoT devices
• Innovative Usages: Innovative Usages and Access: 25M+ applications
• Generating Vast Data: Creation of Vast Amounts of Data: 50 Trillion gigabytes
• Sensitive Functions: Critical Functionality: Infrastructure, Defense, Transportation
• Increased Target Value: Creates Targets with Increased Value
4 Levels of Cybersecurity Impacts
Denial of Service (A)
• Access of customers
• Availability of data, systems, & services
• DDOS network attacks, ransom-ware data locking attacks
Data Theft & Exposure (C)
• ID Theft
• Privacy
• Data Breach
• Transaction data
• Database hacks, skimming, lost storage, keylogging
Monitor & Manipulate (I)
• Internal-access surveillance for advantage
• Tamper / Manipulation
• Long-term data gathering campaign
Own & Obliterate (C/I/A)
• Administrative ownership and control
• Capability of unrecoverable obliteration
• Strategic attack, undermining of org capability
Security Competency
Attacker Innovation
Attacks evolve over time for different technology and usages
Security Futures Summary:
1. Threats remain equitable to the growth and use of technology
2. Age of massive connectivity (ex. IoT, mesh, 5G/6G, blockchains, etc.) drives opportunities (for good and bad – cyber threats will take advantage)
3. Society's expectations rise for cyber security, privacy, and safety
4. Tipping points approach: threats to life-safety, cybercrime hyper-growth, offensive cyberwarfare
5. Pendulum swings towards more security, ultimately settles for an optimal balance (regulatory, nation-states, technology innovators/manufacturers)
6. Emerging data, devices, and services are targeted by Threat Agents pursuing their objectives, driven by their specific motivations
Industry best practices and perspectives
The Best Organizations
Seeks Optimal Risk
Risk management planning
Anticipates impacts
Balance Cost, Risk, & Usability
Adapts to shifting demands
Comprehensive Processes
Security as a continuous cycle
Continuous improvement process
Technology and Behaviors
Obstacles and Opposition
Leads into the Future
Clearly defines success
Plans for a sustainable future
Roles and accountability
Continuously adapting
Important Considerations…
Smarter vs More
Collaboration across security functions improving effectiveness
Better IT choices & enablement
Properly balancing the risk, cost, and usability constraints
Expectations Drive Change
Society’s expectations shift with pain, impact, and inconvenience
Trust will be valued, demanded
Security, privacy, and controls will align with greater impacts
Controls Must Adapt
Innovation intersecting emerging attacks to keep pace with attackers
Static defenses are easy to defeat
Intelligence, analysis, and actions must feedback to improve systems
Future Technology to be Designed with Security
• Smart: Security innovation must deliver more capable solutions to keep pace with threats
• Ubiquitous: Security must protect data wherever it exists or is used, for all parties and devices across the compute landscape
• Trusted: Technology and security providers must be trustworthy, in the creation and operation of their products
• Strong: Products and services must be hardened to resist compromise and make security transparent to users
• Open: Platforms and security standards must be open to promote collaboration and accelerate adoption
Security must be part of the design for future technology. Adding security afterward is no longer sufficient or sustainable.
Cybersecurity industry workforce opportunities
Lack of Security Talent Hinders the Industry
The lack of qualified cybersecurity talent will greatly restrict the growth and effectiveness of security teams.
Academia is working to satiate demand, an estimated 2 million unfilled cybersecurity positions by 2017, but it will take time.
Result:
1. Salaries will continue to rise until demand is met
2. Headhunting and retention of top talent becomes ruthlessly competitive
3. Leadership and technical roles in greatest demand
4. Outsourcing to MSSPs and security firms will increase
Cybersecurity Workforce Shortage
o 1.5-2 million estimated unfilled positions by 2017
o Job postings rose 91% (2010-2014)
o Leaders and engineers in highest demand
o Professional Services, Finance, Defense and Manufacturing are leading sectors
o Finance, Healthcare, and Retail are growing fastest
o ‘Hybrid’ jobs are increasing, contributing to demand
Needed skills, training, and student resources
Skills and Training
The best way to prepare the next generation of cybersecurity professionals:
• Hard Skills (technical)
• Soft Skills (behavior)
• Experience (contextual)
• Job Market Insights (opportunity data)
Navigate to Success: Hard Skills, Soft Skills, Experience, Job Market Insights
Soft Skills are Important
1. Dependability – Being dependable means that you do what you say you will, when you say you will. You can be trusted to complete any task, and you will do it well.
2. Motivation – You should be able to motivate yourself to get tasks done, and take the initiative to find new ways to improve upon not only yourself and your work, but also your organization.
3. Communication – This is one of those skills you hear about all the time, and that’s for a reason. Communication is the key to any human interaction, especially in the workplace.
4. Commitment – Employers want to know that you’re not only committed to the company and your job, but to turning out the best work you can, every time.
5. Creativity – Can you think about problems in a new and interesting way? Show your employer how.
6. Problem Solving – If you’re confronted with a problem, employers want to know that you will do everything you can to fix it. Your creative skills will come in handy here.
7. Flexibility – Sometimes, your job is going to be a little like a roller coaster. Can you adjust to the chaos?
8. Teamwork – You’re not done with group work after graduate school. Working in a team is an essential part of almost every job.
9. Leadership – You may not be a natural born leader, but can you step up and guide either a group of people or a process if necessary?
10. Time Management – Ability to balance workloads and prioritize what gets done, in the face of many deliverables
http://www.nationalsoftskills.org/top-10-soft-skills-for-success/
Experience and Certification
Source: Burning Glass Technologies report - Job Market Intelligence: Cybersecurity Jobs, 2015
Job Posting Requirements
35% Industry certifications
84% Bachelor's degree or higher
83% 3+ years of experience
10% Security Clearance
Relationship between experience and certification
• Entry level certifications typically require less than 3 years of experience
• Advanced certifications require at least 3-5 years of experience
Many, Many Certifications
• GSLC: GIAC Security Leadership (Management)
• GISP: GIAC Information Security Professional (Management)
• GCPM: GIAC Certified Project Manager (Management)
• GSEC: GIAC Security Essentials (Security Administration)
• GCIH: GIAC Certified Incident Handler (Security Administration)
• GCIA: GIAC Certified Intrusion Analyst (Security Administration)
• GPEN: GIAC Penetration Tester (Security Administration)
• GWAPT: GIAC Web Application Penetration Tester (Security Administration)
• GISF: GIAC Information Security Fundamentals (Security Administration)
• GCWN: GIAC Certified Windows Security Admin (Security Administration)
• GPPA: GIAC Certified Perimeter Protection Analyst (Security Administration)
• GCED: GIAC Certified Enterprise Defender (Security Administration)
• GICSP: Global Industrial Cyber Security Professional (Security Administration)
• GXPN: GIAC Exploit Researcher & Adv. Pen Tester (Security Administration)
• GAWN: GIAC Assess & Audit Wireless Networks (Security Administration)
• GCUX: GIAC Certified UNIX Security Administrator (Security Administration)
• GMOB: GIAC Mobile Device Security Analyst (Security Administration)
• GMON: GIAC Continuous Monitoring Certification (Security Administration)
• GCCC: GIAC Critical Controls Certification (Security Administration)
• GPYC: GIAC Python Coder (Security Administration)
• GASF: GIAC Advanced Smartphone Forensics (Forensics)
• GCFE: GIAC Certified Forensic Examiner (Forensics)
• GREM: GIAC Reverse Engineering Malware (Forensics)
• GCFA: GIAC Certified Forensic Analyst (Forensics)
• GNFA: GIAC Network Forensic Analyst (Forensics)
• GSSP-JAVA: GIAC Secure SW Programmer-Java (Software Security)
• GWEB: GIAC Certified Web Application Defender (Software Security)
• GSSP-.NET: GIAC Secure SW Programmer- .NET (Software Security)
• GLEG: GIAC Law of Data Security & Investigations (Legal)
• GSNA: GIAC Systems and Network Auditor (Audit)
NICE Framework
National Initiative for Cybersecurity Education framework (NCWIF)
http://csrc.nist.gov/nice/framework
• Reference resource defining cybersecurity work and a standardized set of required tasks and skills.
• Designed to help organizations educate, recruit, train and retain a qualified cybersecurity workforce.
Job Market Insights
CyberSeek.org - free interactive resource for cybersecurity job seekers, sponsored by NIST, CompTIA, and NICE.
• Job locations & salary
• Openings concentrations
• Demand averages
• Titles and roles
• Certification prevalence
• Alignment to NICE framework
• Career advancement pathways
The Future of Cybersecurity Education is Bright
Emerging challenges will drive the needs in cybersecurity – Understand the market needs
Employers will expect workers to know and apply industry best practices and perspectives – Align academics to the future expectations
The roles are expanding for incoming cybersecurity workforce – Prepare students for the new roles
Resources are emerging to assist academic staff and graduates to understand the needed skills and opportunities – Empower students to be self-sufficient in tracking employment demands