Craig discusses the Cybersecurity jobs of the future — What is Hot and What is not.
For more tech tips, news, and updates visit – CraigPeterson.com
Automated Machine-Generated Transcript:
Craig Peterson: [00:00:00] Hey, if you’re thinking about a career in cybersecurity, or maybe you are already someone in cybersecurity. We’ve got a great little article here from dark reading that gets right into it. What does a job look like?
Hi everybody. Craig Peterson here. Now you’ve heard about the world’s most dangerous jobs and they come down in the United States to two things. One is being a forestry person that cuts down trees and logs and all that sort of stuff. What would you call that a logging person? Even if it’s someone who does it in the residential areas, very dangerous, very high rate of insurance, and insurance claims.
And then the other one of course is. Up in the North seas here in the Pacific ocean, up in the past, the Bering Strait and all that mess up there, which is crab fishing. And how dangerous that is there. They’re very dangerous. And people leave those jobs often because they got injured. People die from those jobs. It’s very scary. they called dead branches on trees, widow makers, because they are going to fall down on you causes just nothing but problems, right? They’ll kill you. That’s what widow makers all about.
If you are looking at cybersecurity careers, it’s not going to kill you. At least. Hopefully, it’s not going to kill you, but the number of people that experience burnout is huge. We’re talking people on average, leaving these jobs after about eight months. Now, in some cases, they’re getting the training that they want and increasing their value in the marketplace and then leaving for a better job, better pay, whatever it is elsewhere because they can.
We’re looking at giving or take 2 million open jobs here within the next year or two, I’ve seen numbers saying as high as 5 million open jobs cybersecurity. That is a very big thing. So if your kids are in college thinking about this, if you’re like some of our listeners, a few of you guys, I know I’ve gone back to school for this.
We’re going to be covering some of these things over the next few weeks aspects of cybersecurity jobs, what you might be looking at if you’re going to do that. And also right now, we’re going to get right into some of the job titles. What’s hot. And what’s not because cybersecurity, isn’t just one thing.
It’s like any other it profession, they get very narrow. There are people who are, who are really into two specific things. Now the job sets are not as they were two or three years ago. Now, this is according to, let’s see, it’s Michael Malley, VP of strategy at Radware, and I have to agree with him.
He is saying that the types of skillsets employers are looking for is evolving rapidly. And we’ll be talking more about some of the stuff next week, but the bottom line for next week is that university degrees in cybersecurity will not get you hired. That’s the bottom line here.
They want people who have hands-on experience with this because it gets so difficult. The whole red team blue team, where you have one team of people who are attacking the infrastructure and another group of people who are trying to defend the infrastructure, all important stuff, and very difficult to, by the way, the red team are the hardest people to find. People who are attacking, who have attack skills.
So we’re seeing a lot of changes over the last few years, and now we’ve got this whole WuHan virus and people afraid of the COVID-19.
So now we’ve got these large scale remote workforces we’re trying to deal with. We’re seeing a need for people who understand that concept and have the ability to implement what is called zero-trust work environment. This means just because you have a login doesn’t mean you should have access to this machine.
It’s like I’ve said forever. I have caught salespeople going into the accounting systems and the accounting shares and changing their compensation. Yeah, they do that. Not all of them, but the less scrupulous ones do. So we need to come to the understanding that it is a business really. We can’t trust anything.
Zero trust networks. Now go to the point where even inside the office itself, there is no trust dabbling between the different devices that are on the same switch.
Now, many of us have done this in the past by using some basic technology kinda like VPNs, right? Where we set up a virtual network and that network has the ability to talk to specific things.
All these specific machines are on that little virtual network called a VLAN that we can set up. So that’s all well and good. Yeah.
Now we’re moving really to the next level where every device on a switch or anything within the organization speaks directly to and only to a firewall slash router.
We don’t want this one to go to a generic router, we want it to go to a firewall. We want to make sure that it computer isn’t infected and is trying to cross infect.
One of the first things that happen when the bad guys get control of a system inside a network is they try and spread laterally. So they have control of a workstation. They try and get on other workstations within the business, find out what information is there that they can steal, that they can ransom. That’s what they’re trying to do.
So as the true zero-trust network says, okay, Marie’s workstation is trying to scan other machines on the network and it is shut off.
That’s the sort of thing we do. We stop the intrusions, we stop the hacks and that’s what you need as well. Everything and everyone inside the network should be considered to be an outsider.
Now, this whole concept of zero-trust is gaining popularity for very good reasons. I talk on the show every week about another company that has been hacked.
So that has been a fish that has had ransomware that has had people inside, the Chinese back doors, man, it seems to be a weekly occurrence for us.
Yet when you hear some of these feds talking about it under oath, Is there any evidence of the Chinese getting into any systems here to the United it States? They’re talking about Huawei, they’re talking about, all of these different companies from China, and they say, No, there’s no evidence.
I have personally seen it. I ran the FBI’s InfraGard webinars for a couple of years. I put them together. I hosted them. I got the interviews. I did the interviews, the Q and A.
I have not only seen this stuff myself on business networks, but I have spoken to many people who’ve also seen it. So I don’t get why. These people in the government are trying to deny that the Chinese are doing anything here. It’s absolutely just mind-blowing to me. So we’ve got more and more organizations putting their workloads now into public and private clouds and they’re less interested in the hardware expertise.
They want people who understand techs complex, IP infrastructure, not right, realizing what’s really going on. A bigger focus on business resiliency really is this third major trend and the know-how needed here really focuses on technologies that make a network more intelligent and enabled to learn how to protect itself.
Thinking about automation, about integration, about one pane of glass, about artificial intelligence and machine learning. So we’re going to get into those exact titles, those exact roles. So you know what they are. So that we can speak to where’s the career path, where are things going?
And I can give you a little hint, AI and machine learning. They’re going to be big.
Hey, you’re listening to Craig Peterson right here, online your favorite podcast app and of course on WGAN, including Wednesday mornings with Matt Gagnon seven 30.
More stories and tech updates at:
Don’t miss an episode from Craig. Subscribe and give us a rating:
Follow me on Twitter for the latest in tech at:
For questions, call or text: