The Future of Your Cybersecurity Career: Market Demand VS Talent Shortage
The world is currently lacking some 2 million cybersecurity experts. That number is expected to double shortly, as more cyber-kinetic and anthro-cyber-kinetic (people, cyber and physical) systems are productized for industry and mass consumption.
At the same time, cybersecurity practitioners have become laser-focused on insanely complex, highly verticalized, specific subsets of our industry. Rough translation: we tend to train and hire skill-set specialists versus security generalists. Security professionals often have trouble talking to each other because so many specializations use different nomenclatures, terms, and acronyms; dozens of technically disparate lingua francas. We have forgotten about teaching strategic generalities and interdisciplinarianism. Overspecialization and isolation from other technical fields are two clear recipes for failure.
This webinar examines a variety of skills and knowledge that will greatly assist the professional and benefit the cybersecurity field as well, by dealing in higher levels of abstraction versus highly specialized knowledge and practice.
Main points covered:
Presenter:
Our presenter for this webinar Winn Schwartau is one of the world’s top experts on security, privacy, infowar, cyber-terrorism, and related topics. Provocative, informed, challenging, he’s on the leading edge of thinking, writing and speaking. Highly technical security subjects are made understandable, entertaining, engaging and thought-provoking. Audiences find themselves challenged with original ideas which are related through historical analogy and metaphor and made relevant to the present and future world. He is the founder of The Security Awareness Company.
Organizer: Ardian Berisha
Date: July 10th, 2019
Recorded Webinar: https://youtu.be/uRsARV3ULy4
20. June 27, 1991
Our computer systems are
so poorly protected, they
are “An electronic Pearl
Harbor waiting to happen.”
“The Civilian Architect of
Information Warfare.”
Admiral Tyrrell, UK MoD
25. 2010 - 2012
DHS SECRETARY JANET NAPOLITANO
“WE CAN’T FIND ENOUGH CYBER-SECURITY PEOPLE…”
… BULLSHIT
THE TRUTH IS…
“WE CAN’T FIND ENOUGH PERFECT WHITE PEOPLE, WHO
HAVE NEVER, EVER DONE ANYTHING WRONG, HAVE HAD A
FORMAL EDUCATION, RECEIVED DEGREES, GOT CERTS UP
THE WAZOO, WHO DON’T SMOKE WEED, CAN PASS AN H.R.
PERSONALITY TEST, AND AREN’T ON THE SPECTRUM…”
26. ARBITRARY DISCRIMINATORS
• AGE
• SEX/ORIENATION
• DRUG USE (ALCOHOLISM IS O.K.)
• DEGREES
• CRIMINAL BACKGROUND
• “OFFICE JOB”
• PERSONALITY TESTS
• ADHD & SPECTRUM
DO WE REALLY NEED OR WANT ‘NORMAL’?
27. SECURITY PROBLEMS: THEY ARE ALL THE
SAME
• SPAM
• DOS/DDOS
• PHISHING
• ACCESS CONTROL
• ENCRYPTION
• PRIVACY
• DECEPTION
• FAKE NEWS
• DETECTION
• ROOT CONTROL
• ETC.
• REACTION
• REMEDIATION
• ZERO-DAYS
• MALWARE
• METAMORPHIC NW
• AWARENESS
• TRUST
• MULTI-ADMIN
• DATA-EXFILTRATION
• ESPIONAGE
• ETC.
28. SO…TO GET ‘THE RIGHT STUFF’
A LITTLE MORE GENERALISM, PLEASE…
1. ENGINEERING
2. HISTORY
3. HUMANITY
29. ENGINEERING
TO ERR IS TO MAKE PROGRESS.
TO FAIL IS TO LEARN.
CYBER IS NOT AN ENGINEERING DISCIPLINE …
YET…
WHAT COULD WE LEARN FROM ENGINEERS?
42. HISTORY
TO IGNORE HISTORY IS TO REPEAT STUPID SHIT
INSANITY:
DOING THE SAME THING OVER AND OVER AND OVER
AGAIN…
AND EXPECTING DIFFERENT RESULTS.
(NEXT GEN CYBERSECURITY CRAP
1972 – 2018)
44. COMPUTER HISTORY
WHY REINVENT WHEELS WHEN THEY ALREADY EXIST?
• ANTIKYTHERA
• BOOLE
• ADA
LOVELACE/BABBAGE
• GRACE HOPPER
• BOMBE-ENIAC+++
• ANALOGUE
COMPUTING
• VON NEUMANN
• ARCHITECTURES
• SHANNON
• INFORMATION
THEORY
52. HUMANITY
WE HAVE SPENT 70 YEARS TRY TO GET HUMANS TO
THINK, BEHAVE AND INTERACT WITH COMPUTERS ON
THEIR TERMS;
IN THEIR LANGUAGE: BINARY & DIGITAL
FOR SECURITY, WE NEED TO GET COMPUTERS TO THINK,
BEHAVE AND INTERACT WITH US ON OUR HUMAN TERMS;
IN OUR LANGUAGE: ANALOGUE
54. PURPOSE OF THE BRAIN
1. TO SENSE THE
ENVIRONMENT
2. TO PREDICT THE FUTURE
55. PSYCHOLOGY
• NOT BINARY
• INFINITE FLAVORING
• SOFT/MALLEABLE
• WORST MEMORY CIRCUITS
• SUSCEPTIBLE TO
“FAKENESS/LIES” IN THE FACE
OF FACTS (TRUTH)
• SPECTRUMS
• IT’S UP TO US TO
UNDERSTAND OUR
AUDIENCE(S)
PIX FREUD
68. APPLYING THE TRIADS
FUTURE OF CYBER-SECURITY EDUCATION
(& ADDING A WEE DOSE OF INTERDISCIPLINARY
GENERALISM)
69. CYBER-SECURITY IS JUST TOO HARD
LANDING ON THE MOON
TRANSCONTINENTAL RAILWAY
MARSHALL PLAN
MANHATTAN PROJECT
TVA
DNA
ICS
INTERNET
70.
71.
72. ISO/IEC 27032
Training Courses
• ISO/IEC 27032 Introduction
1 Day Course
• ISO/IEC 27032 Foundation
2 Days Course
• ISO/IEC 27032 Lead Cybersecurity Manager
5 Days Course
Exam and certification fees are included in the training price.
www.pecb.com/en/education-and-certification-for-individuals/iso-iec-27032
www.pecb.com/events