Upload
phil-agcaoili
View
624
Download
0
Embed Size (px)
Citation preview
1
SO YOU WANT TO BE IN CYBER SECURITY?
Unless you live under a rock…2
3
A computer lets you make more mistakes faster than any invention in human history - with the possible exceptions of handguns and tequila.
~Mitch Ratliff
With just a few keystrokes, cybercriminals around the world can disrupt our economy.
~Ralph Basham, Director of the U.S. Secret Service
The Internet is the crime scene of the 21st Century. ~ Cyrus Vance Jr. , Manhattan District Attorney
4
We are now all connected
The Frontier
5
6
//CYBER SECURITYThe interconnection and reliance of physical lifeline functions over the Internet (cyberspace) that impacts our:• National Security• Public Health and Safety• Economic well-being
Why is This Happening?
7
8
• Insulin pumps and pacemakers• Automobiles• POS and ATMs• ORCL – MSFT – SYMC – RSA – VRSN – Bit9• GOOG – AAPL – FB – AMZN –YHOO – LNKD – GM – NSANY • US drone fleet• Internet of Things
Vulnerable! Connected!
CloudMobile
SocialBig Data
9
Unprecedented:The Rules Have
Changed
Purpose then Passion
…My Case for Cyber Security
10
My Purpose: Cyber Security
11
Someplace to start…Let your passion follow you
12
Why Cyber Security? Current Stats• $1 trillion. Global malicious cyber activity costs up to $1 trillion per
year. That’s a cost of 1.4 percent of the world’s total GDP (Source: Trend Micro).
• $15 million. Average cost of remediation following a criminal attack. (Source: Ponemon 2015).
• 32 days. The amount of time required to resolve a cyber attack in 2013, up more than 55 percent over 2012 levels (Source: Ponemon).
• 508,000. The number of U.S. jobs potentially lost from cyber espionage, mostly from theft of intellectual property, which eliminates a company’s competitive edge (Source: ENISA).
We are at a Crossroads with Cyber Security
Technology is advancing very fast…
14
• Insulin pumps and pacemakers• Automobiles• POS and ATMs• ORCL – MSFT – SYMC – RSA – VRSN – Bit9• GOOG – AAPL – FB – AMZN –YHOO – LNKD – GM – NSANY • US drone fleet• Internet of Things
Security NOT Baked In
CloudMobile
SocialBig Data
Are You This Kid?
15
Maybe Your PurposeFound You Today?
Or Maybe You’re Already Like Me?
16
17
The World Will Need Cyber Security Experts for Many Decades• 0% unemployment (there’s actually negative employment) rate for qualified cyber security professionals
~Phil Agcaoili• Information security jobs are expected to grow by 53% through 2018
• Bureau of Labor Statistics• Based on median annual wages, compensation for cyber security professionals ranges from $70,000 to $118,000.
• UMUC.edu survey• 25% of all organizations claim to have a “problematic shortage” of information security skills
• Network World, 2014• Among the most sought-after professionals in the tech sector, with demand for workers in cyber security field
outpacing other IT jobs by a wide margin.• CIO Magazine 2014
• Demand for cybersecurity profs has grown more than 3.5x faster than the demand for other IT jobs over the past 5 years and more than 12x faster than the demand for all other non-IT jobs. Current staffing shortages are estimated between 20,000 and 40,000 and are expected to continue for years to come.
• Burning Glass International• Critical need to fill 50,000 cyber security jobs in the near future in the federal government and private industry
• Washington Post 2012
18
Purpose and PassionDon’t follow your passion
– Most people have no idea what they want to do– Your passion may not equate to a job you want to do
Instead…Let your passion follow you
19
Passion? A Career Path?…Not So Much
19
How I Got HereOur bravest and best lessons are not learned through success, but through misadventure.
~Amos Bronson Alcott
I have no special talent. I am only passionately curious.
~Albert Einstein20
In-Demand Skills for Cyber Security JobsEmployers are seeking to hire employees with proficiency in:• Firewalls• Network Security• LINUX• UNIX• CISA• Cryptography• Cisco• Transmission Control Protocol/Internet Protocol (TCP/IP)• System and Network Configuration• Vulnerability scanners and penetration testing
4 out of 5 Cyber Security Jobs Require a Degree• Burning Glass International 2013
21
*UMUC.edu study
Find a Cyber Skill and Career Path to Pursue
Build skillsSpecialties are the future (e.g. IoT, automotive, ICS, etc.)
Diversify your experiencesStay true to your values
22
Build Skills: Cyber Security Career OptionsCEO
CIOCSO
CTOProduct LeaderService Leader
Board of Directors
Corporate Governance LeaderInternal Audit Leader
COOCFO GCCISO
Product ManagementServices Management
Physical Security ManagementInformation Security Management
Risk ManagementFraud Management
Program ManagementProject Management
Audit ManagementRisk Management
Compliance Management
AnalystTechnologistStrategist
OfficerInvestigator
Loss PreventionFraud Analyst
Security Strategist/PrincipleSecurity ArchitectSecurity EngineerSecurity AnalystSecurity Administrator
AuditorGovernance Analyst
Risk AnalystCompliance Analyst
Specialty RolesSecurity Assurance – Penetration Tester
eForensics and Litigation SupportThreat Intelligence
Application Security – Security Software DeveloperIdentity Management
Cryptographer
Founder
IT RolesNetwork AdministratorSystem Administrator
Network ManagementDatabase Administrator
Programmer/Developer and QA
Operations Leader
Managing ConsultantConsultant
CRO
CPO
In-Demand Skills for Cyber Security Jobs
• Security Engineer• Security Analyst• Information Security Analyst• Information Security Engineer• Network Security Engineer• Information Technology Security Analyst• Information Security Manager• Information Assurance Engineer• Senior IT Auditor• Security Administrator
24*UMUC.edu study
25
Diversify Your ExperiencesCEO
CIOCSO
CTOProduct LeaderService Leader
Board of Directors
Corporate Governance LeaderInternal Audit Leader COOCFO GC
CISO
Founder
Operations Leader
CRO
CPO
Remember to Build Skills…Then Gain Experience
26
Source: Burning Glass
Top five cities for cybersecurity job postings: • Washington, D.C., • New York, • San Francisco/San Jose, • Chicago and • Dallas
Washington, D.C. had 23,457 job postings• 90 % increase 2007- 2013
Largest percentage increase since 2007 occurred in Atlanta with 5,883 openings
27
How to Launch a Career in Cyber Security• Earn your degree. Over 75 percent of current job openings in cyber security require a bachelor’s degree (to
learn more about qualifications and experience for getting cyber security jobs after earning a BS in Cyber Security.
• Add certifications. – Certifications like CISSP (Certified Information Systems Security Professional) can provide practical skills and an in-road to a
great job.• Volunteer to gain experience. Complete internships or volunteer to assist a cyber security professional, such as
a college professor, to gain on-the-job experience.• Perform your own background check. Many cyber security jobs demand that applicants pass a background
check. Pay for an independent check of your background and credit history in case you need to explain or correct items found in these reports.
• Know current cyber security topics. Make sure that you stay current on the latest cyber security issues by following industry magazines and top bloggers.
• Perhaps gain military or law enforcement experience. If you need assistance with paying for school or you need a job while you earn your degree, consider putting some military or law enforcement experience on your resume. It’s not a requirement, but it’s nice to have.
• Perhaps obtain an advanced degree. • Perhaps start your own company. Great ideas change the game.
…We need to change the cyber security game.
Cyber Security Employers Demand a Highly Educated,Highly Experienced, and Credentialed Workforce
35% of cyber security jobs call for an industry certification
28
84% of Cyber security job postings require at least a bachelor’s degree
83% require at least three years of experience
29
A Great Opportunity for Your Future• As the worldwide threat posed by cyber crime
grows, so will the list of available cyber security jobs. • Because so few students know about the career
possibilities associated with cyber security, not enough students are graduating to fill those jobs.
• If you like technology and you want to serve others, cyber security could be your ticket to a lucrative and secure future.
30
What Drives Us
• Autonomy• Mastery• Purpose
• Independence• Purpose - Service• Happiness
Thanks, Mom and Dad!
31
Cyber Security Needs Passionate People that Care
32
The Kind of People We Don’t Need in Cyber Security
33
34
You are responsible for your own career
Your time is limited, so don't waste it living someone else's life.
Don't be trapped by dogma - which is living with the results of other people's thinking.
Don't let the noise of others' opinions drown out your own inner voice.
And most important, have the courage to follow your heart and intuition.
Steve Jobs35
Phil AgcaoiliDistinguished Fellow and Fellows Chairman, Ponemon Institute
Board of Advisors, PCI Security Standards Council (SSC)
Financial Services – Information Sharing & Analysis Center (FS-ISAC)Payments Processing Information Sharing Council (PPISC)
Contributor, NIST Cybersecurity Framework
Co-Founder & Board Member, Southern CISO Security Council
Founding Member, Cloud Security Alliance (CSA) Inventor & Co-Author
CSA Cloud Controls Matrix (ISO 27017/27018)Security, Trust and Assurance Registry (STAR), and CSA Open Certification Framework (OCF) – AICPA SOC 2
@hacksec https://www.linkedin.com/in/philA
Thanks