1

SO YOU WANT TO BE IN CYBER SECURITY?

Unless you live under a rock…2

3

A computer lets you make more mistakes faster than any invention in human history - with the possible exceptions of handguns and tequila.

~Mitch Ratliff

With just a few keystrokes, cybercriminals around the world can disrupt our economy.

~Ralph Basham, Director of the U.S. Secret Service

The Internet is the crime scene of the 21st Century. ~ Cyrus Vance Jr. , Manhattan District Attorney

4

We are now all connected

The Frontier

5

6

//CYBER SECURITYThe interconnection and reliance of physical lifeline functions over the Internet (cyberspace) that impacts our:• National Security• Public Health and Safety• Economic well-being

Why is This Happening?

7

8

• Insulin pumps and pacemakers• Automobiles• POS and ATMs• ORCL – MSFT – SYMC – RSA – VRSN – Bit9• GOOG – AAPL – FB – AMZN –YHOO – LNKD – GM – NSANY • US drone fleet• Internet of Things

Vulnerable! Connected!

CloudMobile

SocialBig Data

9

Unprecedented:The Rules Have

Changed

Purpose then Passion

…My Case for Cyber Security

10

My Purpose: Cyber Security

11

Someplace to start…Let your passion follow you

12

Why Cyber Security? Current Stats• $1 trillion. Global malicious cyber activity costs up to $1 trillion per

year. That’s a cost of 1.4 percent of the world’s total GDP (Source: Trend Micro).

• $15 million. Average cost of remediation following a criminal attack. (Source: Ponemon 2015).

• 32 days. The amount of time required to resolve a cyber attack in 2013, up more than 55 percent over 2012 levels (Source: Ponemon).

• 508,000. The number of U.S. jobs potentially lost from cyber espionage, mostly from theft of intellectual property, which eliminates a company’s competitive edge (Source: ENISA).

We are at a Crossroads with Cyber Security

Technology is advancing very fast…

14

• Insulin pumps and pacemakers• Automobiles• POS and ATMs• ORCL – MSFT – SYMC – RSA – VRSN – Bit9• GOOG – AAPL – FB – AMZN –YHOO – LNKD – GM – NSANY • US drone fleet• Internet of Things

Security NOT Baked In

CloudMobile

SocialBig Data

Are You This Kid?

15

Maybe Your PurposeFound You Today?

Or Maybe You’re Already Like Me?

16

17

The World Will Need Cyber Security Experts for Many Decades• 0% unemployment (there’s actually negative employment) rate for qualified cyber security professionals

~Phil Agcaoili• Information security jobs are expected to grow by 53% through 2018

• Bureau of Labor Statistics• Based on median annual wages, compensation for cyber security professionals ranges from $70,000 to $118,000.

• UMUC.edu survey• 25% of all organizations claim to have a “problematic shortage” of information security skills

• Network World, 2014• Among the most sought-after professionals in the tech sector, with demand for workers in cyber security field

outpacing other IT jobs by a wide margin.• CIO Magazine 2014

• Demand for cybersecurity profs has grown more than 3.5x faster than the demand for other IT jobs over the past 5 years and more than 12x faster than the demand for all other non-IT jobs. Current staffing shortages are estimated between 20,000 and 40,000 and are expected to continue for years to come.

• Burning Glass International• Critical need to fill 50,000 cyber security jobs in the near future in the federal government and private industry

• Washington Post 2012

18

Purpose and PassionDon’t follow your passion

– Most people have no idea what they want to do– Your passion may not equate to a job you want to do

Instead…Let your passion follow you

19

Passion? A Career Path?…Not So Much

19

How I Got HereOur bravest and best lessons are not learned through success, but through misadventure.

~Amos Bronson Alcott

I have no special talent. I am only passionately curious.

~Albert Einstein20

In-Demand Skills for Cyber Security JobsEmployers are seeking to hire employees with proficiency in:• Firewalls• Network Security• LINUX• UNIX• CISA• Cryptography• Cisco• Transmission Control Protocol/Internet Protocol (TCP/IP)• System and Network Configuration• Vulnerability scanners and penetration testing

4 out of 5 Cyber Security Jobs Require a Degree• Burning Glass International 2013

21

*UMUC.edu study

Find a Cyber Skill and Career Path to Pursue

Build skillsSpecialties are the future (e.g. IoT, automotive, ICS, etc.)

Diversify your experiencesStay true to your values

22

Build Skills: Cyber Security Career OptionsCEO

CIOCSO

CTOProduct LeaderService Leader

Board of Directors

Corporate Governance LeaderInternal Audit Leader

COOCFO GCCISO

Product ManagementServices Management

Physical Security ManagementInformation Security Management

Risk ManagementFraud Management

Program ManagementProject Management

Audit ManagementRisk Management

Compliance Management

AnalystTechnologistStrategist

OfficerInvestigator

Loss PreventionFraud Analyst

Security Strategist/PrincipleSecurity ArchitectSecurity EngineerSecurity AnalystSecurity Administrator

AuditorGovernance Analyst

Risk AnalystCompliance Analyst

Specialty RolesSecurity Assurance – Penetration Tester

eForensics and Litigation SupportThreat Intelligence

Application Security – Security Software DeveloperIdentity Management

Cryptographer

Founder

IT RolesNetwork AdministratorSystem Administrator

Network ManagementDatabase Administrator

Programmer/Developer and QA

Operations Leader

Managing ConsultantConsultant

CRO

CPO

In-Demand Skills for Cyber Security Jobs

• Security Engineer• Security Analyst• Information Security Analyst• Information Security Engineer• Network Security Engineer• Information Technology Security Analyst• Information Security Manager• Information Assurance Engineer• Senior IT Auditor• Security Administrator

24*UMUC.edu study

25

Diversify Your ExperiencesCEO

CIOCSO

CTOProduct LeaderService Leader

Board of Directors

Corporate Governance LeaderInternal Audit Leader COOCFO GC

CISO

Founder

Operations Leader

CRO

CPO

Remember to Build Skills…Then Gain Experience

26

Source: Burning Glass

Top five cities for cybersecurity job postings: • Washington, D.C., • New York, • San Francisco/San Jose, • Chicago and • Dallas

Washington, D.C. had 23,457 job postings• 90 % increase 2007- 2013

Largest percentage increase since 2007 occurred in Atlanta with 5,883 openings

27

How to Launch a Career in Cyber Security• Earn your degree. Over 75 percent of current job openings in cyber security require a bachelor’s degree (to

learn more about qualifications and experience for getting cyber security jobs after earning a BS in Cyber Security.

• Add certifications. – Certifications like CISSP (Certified Information Systems Security Professional) can provide practical skills and an in-road to a

great job.• Volunteer to gain experience. Complete internships or volunteer to assist a cyber security professional, such as

a college professor, to gain on-the-job experience.• Perform your own background check. Many cyber security jobs demand that applicants pass a background

check. Pay for an independent check of your background and credit history in case you need to explain or correct items found in these reports.

• Know current cyber security topics. Make sure that you stay current on the latest cyber security issues by following industry magazines and top bloggers.

• Perhaps gain military or law enforcement experience. If you need assistance with paying for school or you need a job while you earn your degree, consider putting some military or law enforcement experience on your resume. It’s not a requirement, but it’s nice to have.

• Perhaps obtain an advanced degree. • Perhaps start your own company. Great ideas change the game.

…We need to change the cyber security game.

Cyber Security Employers Demand a Highly Educated,Highly Experienced, and Credentialed Workforce

35% of cyber security jobs call for an industry certification

28

84% of Cyber security job postings require at least a bachelor’s degree

83% require at least three years of experience

29

A Great Opportunity for Your Future• As the worldwide threat posed by cyber crime

grows, so will the list of available cyber security jobs. • Because so few students know about the career

possibilities associated with cyber security, not enough students are graduating to fill those jobs.

• If you like technology and you want to serve others, cyber security could be your ticket to a lucrative and secure future.

30

What Drives Us

• Autonomy• Mastery• Purpose

• Independence• Purpose - Service• Happiness

Thanks, Mom and Dad!

31

Cyber Security Needs Passionate People that Care

32

The Kind of People We Don’t Need in Cyber Security

33

34

You are responsible for your own career

Your time is limited, so don't waste it living someone else's life.

Don't be trapped by dogma - which is living with the results of other people's thinking.

Don't let the noise of others' opinions drown out your own inner voice.

And most important, have the courage to follow your heart and intuition.

Steve Jobs35

Phil AgcaoiliDistinguished Fellow and Fellows Chairman, Ponemon Institute

Board of Advisors, PCI Security Standards Council (SSC)

Financial Services – Information Sharing & Analysis Center (FS-ISAC)Payments Processing Information Sharing Council (PPISC)

Contributor, NIST Cybersecurity Framework

Co-Founder & Board Member, Southern CISO Security Council

Founding Member, Cloud Security Alliance (CSA) Inventor & Co-Author

CSA Cloud Controls Matrix (ISO 27017/27018)Security, Trust and Assurance Registry (STAR), and CSA Open Certification Framework (OCF) – AICPA SOC 2

@hacksec https://www.linkedin.com/in/philA

Thanks