Panaser
Leila Powell brought her scientific method from astrophysics to cybersecurity
How are galaxies formed? What happens when they collide? These are the kinds of questions Dr. Leila Powell faced in her previous life as an astrophysicist.
But in 2015, she put aside those galactic-scale questions and turned her attention to cybersecurity.
“The pursuit of understanding the universe is really important, but I got to a point where I felt like I wanted to do something that had more of an impact on people's daily lives,” says- She.
And like many job seekers, Ms. Powell was looking for better pay and conditions.
“There are various challenges in the academic journey that can deter people from sticking with it, including job security and pay compared to industry,” she says.
Dr. Powell is Head of Security Data at Panaseer, a company that helps organizations understand where they might have gaps in their cybersecurity controls.
She is one of many people who have leveraged the skills they learned in other cybersecurity careers.
Cybersecurity includes a range of roles that all aim to protect organizations and their technology from cyberattacks. Some people help prevent incidents by analyzing or improving the security of applications, networks, and devices. Others help organizations continue operations or recover when attacked.
According to ISC2, an organization of cybersecurity professionals, 39% of new hires in the industry came from a non-IT role.
“I saw an ad for a (cybersecurity) job that said they needed someone with data expertise,” says Dr. Powell. “The problem space appealed to me.”
“Being from a different industry, I was seeing things in the data that I might not have seen if I had searched for something in particular.”
When she now hires new team members, Powell doesn't worry about where people learned their skills. “I would encourage people who think they don't have the skills to take a look. If I hadn't seen this ad, I would never have thought that cybersecurity might be an industry I could get into.
ISC2 estimates that four million additional cybersecurity professionals are needed worldwide.
“I would say it's not necessarily a skills gap, because the skills are there,” says Amanda Finch, chief executive of the Chartered Institute of Information Security (CIISec). “It’s really about getting the people with the skills into cyberspace and then getting them to develop further.”
“I think a lot of this shortage is because people don't understand what cybersecurity entails,” she adds. “Security largely depends on people, processes and technology. When we do our skills shortage survey each year, technical skills rank lower than communication, analytical and problem-solving skills.
For newcomers, the salary can be good.
Cybershark Recruitment surveyed over 2,000 UK cybersecurity professionals about their salaries. Those with between one and three years' experience earned between £40,500 and £58,000 in digital forensics; and between £39,500 and £55,000 in threat intelligence.
CIISec recommends that organizations attempting to fill cybersecurity roles consider the transferable skills that career changers can bring.
Ms Finch advises organizations to divide jobs into tasks, to make it easier to identify associated skills. “If you're going to analyze logs and trends, you need someone with good analytical skills,” she says. “If it's incident management, you need someone who can work under pressure in a crisis and has good communication skills. »
Systal technological solutions
Calum Baird worked at Police Scotland for ten years
Calum Baird acquired such skills within Police Scotland, where he worked for almost 10 years. Its roles included intervention policing, violence reduction, digital forensics and cybercrime investigations.
He is now a digital forensics and incident response (DFIR) consultant at Systal Technology Solutions. The company helps clients investigate and recover from cyber incidents, including ransomware attacks.
“The police taught me to quickly assess risks and prioritize based on those risks, a very useful skill when responding to a cyber incident,” he says. “It's not really a matter of life and death (when it comes to cybersecurity), but it represents a significant cost to businesses and a significant disruption to people.”
His communication skills developed within the police are useful in his current role, which includes supporting clients on what could be the worst day of their career. “Soft skills are sometimes underestimated in cybersecurity,” he says. “That ability to talk with the client, put them at ease, clearly explain the process and reassure them that they have someone on their side fighting for them.”
Mr Baird says he always enjoyed learning new skills, which was vital in policing and remains valuable in the private sector. “There are so many different devices, operating systems and applications that you won't find anyone who knows everything in depth,” he says. “A key skill in cybersecurity is the ability to find a topic and dig deeper. »
Evangelina Balitskaya
Rebecca Taylor studied English and creative writing at university
According to ISC2, 41% of companies are trying to recruit non-technical cybersecurity people from other positions within the company. Rebecca Taylor is an example of someone who has made this transition. She is the Threat Intelligence Knowledge Lead at Secureworks. The company provides threat detection and response technology and publishes threat guidance.
“My role is to capture everything about a threat, make sure it's accurate and useful, and feed it into our systems,” she explains.
She joined Secureworks as a personal assistant. “It was about making tea and coffee, taking a few minutes, participating in conversations,” she says. “I very quickly understood that it was a field in full evolution and which corresponded 100% to what I wanted, which was to continue learning. »
After working in resource coordination and change management, she became a knowledge lead in incident command, where she was part of the ransomware response team. “They were trying to find someone to take notes, capture metrics and be there to help maintain that engagement,” she says. “I loved it.”
She works alongside people who have studied history, geography and archeology and says her own background in the humanities helps her in her information processing work today. “If I think about my English and creative writing degree, it was about reading large volumes of text and being able to extract the interesting parts.” Her writing studies help with the blogs and other materials she produces to explain cybersecurity threats.
“There is a strong perception that cybersecurity is going to be all about technical discussions, coding and AI,” she says, “but cybersecurity is so much more than technical. I wouldn't describe myself as a technical person. I'm just someone who discovered a passion for distilling useful information.
More business technology
Source link