There are lots of ways organizations can work to address the cybersecurity skills gap. Working with young people , providing skilling for students and implementing zero trust helps. So does amplifying gender diversity and promoting respect in the workplace . Organizations can use all these strategies to fill their open positions and meet their cybersecurity needs. But there are other ways, too, demonstrated by these stories of non-traditional cybersecurity career paths.
Here’s one more: not demanding that team members always take a traditional cybersecurity career path. Otherwise, they’d end up overlooking so many others who’ve found their own ways into cybersecurity. They’d deny the industry of the experience and life skills those individuals bring with them.
To highlight this point, I spoke to several professionals with non-traditional cybersecurity career paths and asked them to share how they entered the industry. Here’s what they had to say. David Hoyt | Security Researcher
“I started as an ISP [internet service provider] in 1994. I got hacked quickly and repeatedly. Coding up multi-hosting for IP hadn’t been written. Spam filters didn’t exist. There was a deluge of CSAM. I needed to learn about risk management quickly. That’s what got me into security.” Caitlin Kiska | Information Security Engineer (Threat Intelligence)
“I played online tournament poker for a living. At its core, online poker is trend analysis and data science. In poker, we are constantly identifying outlier behavior in our opponents and in ourselves to improve. Being able to analyze large data sets and form strategies based on the data is applicable in multiple fields. I was looking at a few different areas where I could leverage this skill, and cybersecurity stuck out. Additionally, many roles do not require a degree, so it was a lower barrier to entry, as I am currently in school, as well.”
“I got a Ph.D. in telecommunications in 2011, and I went with a big engineering company to design telecom networks for railway and public transport. Security wasn’t really a thing, more resilience against outage. One day, I was working on a super big project where the client wanted […]
Click here to view original web page at securityintelligence.com
