Advanced skills are not necessary to penetrate totally woeful security arrangements. Many government contractors, military and intelligence agencies and other companies are not eyeing people with cybersecurity degrees. Rather, hands-on work experience is becoming increasingly valuable within the computer profession. They first identify people with natural ability and related technical skills, and then introduce them to formal on-the-job training aimed at adapting them to security-related roles. This real-world experience will prove more valuable than a collection of degrees or certifications.
Ira Winkler of Computerworld makes a strong point in her article by arguing, “unless you have a program to identify competent professionals within your organization and offer them jobs and training that will arm them with security expertise, you are creating your own cybersecurity skills shortage.” This method of hiring ties in to what Sequel has been saying for a while: employee education and training is critically important when it comes to preventing costly cybersecurity issues down the road. An employee’s “willingness to expand their skill-set” will translate to a stronger security program for you at the end of the day.