Training to be secure – a win-win situation

BrandPost By SANS Institute
Dec 05, 2020
CertificationsIT ManagementIT Skills

A woman with a headset is engaged in discussion via video conferencing.
Credit: Fizkes / Getty Images

Coronavirus’ impact on the IT profession clearly indicates that technological and professional environments have changed, and possibly for ever.

The biggest lifestyle impact for many white-collar workers is that a high percentage have been forced to work from home. For some this has been a hidden pleasure, for others it’s stressful not to have contact with peers on a regular basis.

But for organisations, it has highlighted potential holes in their operations and that there may not be enough properly qualified people to fill them.

Top of the list of those holes is security.

Coronavirus means more people are working online from home (or at least off-premises). This means less control for an organisation on how its employees work. It also means a simultaneous greater reliance on IT systems – the watercooler is out, Zoom is in. Employees working off-site are inherently less secure than those in the workplace, so if someone hacks in via the attenuated communications infrastructure, then the ‘new normal’ suddenly takes on a sinister tone.

As if organisations didn’t have enough problems with cybersecurity – now they’ve just opened themselves up to more. And that situation may be here to stay.

The pressure is obviously on organisations to attract and, importantly, retain the right people with the right skills to deal with a threat situation that is evolving, and in some cases growing faster than organisations can deal with.

Status quo is not good enough, so is the industry responding?

According to US Bureau of Labor Statistics, “employment of information security analysts is projected to grow by 28% from 2016 to 2026”, which is much faster than the average for all occupations.

This is indicative that organisations are trying to keep up with the challenge, if not trying to be one step ahead. Organisations and the individuals involved need to keep up-to-date on the latest security technology and professional skills. They need to be aware and prepared for increased security cyber-attacks.

For individuals, that means giving current and prospective employers reassurance that they can “do the job” to the highest standard. For organisations, that means offering positions – new positions, more positions – to people who can maintain and improve security.

While the US Labor figures and similar studies indicate a growing market for skilled security experts, that might also come with a downside – how easy is to get the right people? Having unfilled positions does not mean organisations can afford to hire just anybody – certified and reliable skills are even more important due to the changed circumstances.

Such skills should include defensive and offensive security, forensics, issues with cloud, management, and a broad spectrum of industry application. All of these should be certified by a reputable organisation, which means training in skills that are relevant to the real world and not just an abstract certificate.

SANS SEC560 instructor Jason Nickola, who holds multiple GIAC certifications including the expert-level GSE, says that “If you’re a great practice player, but not as good at the ‘game’, then there’s a diminished value. Being able to answer questions about things isn’t the same as being able to do those things.”

For instance, if a cyber practitioner is on a computer that has a malicious process running on it, can they determine which process is malicious? Of if the practitioner is presented with a .conf file that has an error in it that causes a program to crash, can they identify the error and fix that file? Can the practitioner identify what type of traffic is occurring in a packet capture file?

The potential employee must be able to prove that their skills are reliable. Outside of complex on-the-job testing, which is not normally practical, the employer often relies on personal references and the bona fides of the source of the individual’s training.

Certification through a recognised supplier gives all parties reassurance and value. For individuals, apart from increased employability, this also means increased prestige, self-satisfaction and self-marketability.

SANS, the largest source for information security training and security certification in the world, says it has adapted to the current situation by offering on premises or off-premises activity with online training (which offers convenience, flexibility). In Australia’s current COVID-19 situation, on-premises training is not as much of a health risk as it is in many other countries, so SANS is offering In-Person Live-Stream training (IPLS) in Australia, where students can train in person in a classroom environment with a live streamed instructor. “The best of both worlds,” it says.

Overall, a reliable training provider offering real world solutions, from real world security practitioners who are on the front line every day, with lots of real stories and experiences to share, is a vital component in effectively combatting cyber-security threats.

Not something to be taken lightly in a post-COVID, ‘new normal’ environment.

Further information on SANS training and GIAC certification is available from