Why the Security Workforce Needs More Women and Men

Similar documents
Which Side Are You On?

State of the Cyber Training Market January 2018

ITU CBS. Digital Security Capacity Building: Role of the University GLOBAL ICT CAPACITY BUILDING SYMPOSIUM SANTO DOMINGO 2018

THE LIFE AND TIMES OF CYBERSECURITY PROFESSIONALS

Hearing Voices: The Cybersecurity Pro s View of the Profession

SOC Summit June 6, Strengthening Capacity in Cyber Talent sans.org/cybertalent

THE POWER OF TECH-SAVVY BOARDS:

Security in Today s Insecure World for SecureTokyo

Building new cybersecurity pipelines. NICE Conference 2017 November 8, Strengthening Cyber Workforce Development sans.

Career Paths In Cybersecurity

Immersion Academy Annual Report 2018

Cyber Security Advanced Education: Preparing the Emerging Workforce

UK Gender Pay Gap Report 2018

Strengthening Capacity in Cyber Talent sans.org/cybertalent

Today s cyber threat landscape is evolving at a rate that is extremely aggressive,

National Initiative for Cyber Education (NICE) and the Cybersecurity Workforce Framework: Attract and Retain the Best in InfoSec.

CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships. from the most trusted name in information security

CERTIFIED IN THE GOVERNANCE OF ENTERPRISE IT CGEIT AFFIRM YOUR STRATEGIC VALUE AND CAREER SUCCESS

Cybersecurity Job Seekers

NZTECH ADVANCE SECURITY SUMMIT: ADDRESSING A CRITICAL

CYBER SECURITY TALENT SHORTAGE & INDUSTRY DYNAMICS

GEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards

WINNING THE WAR FOR CYBER TALENT

Keeping Your SOCs Full. May 26, Strengthening Capacity in Cyber Talent sans.org/cybertalent

Driving Global Resilience

Partner with an MSSP or Grow an In-House Security Team: What s Right For Your Business?

Leadership. 25 years leading in cyber. 165,000 trained since ,000+ students annually

Managed Enterprise Phishing Protection. Comprehensive protection delivered 24/7 by anti-phishing experts

Background FAST FACTS

Building a Threat Intelligence Program

Hidden Figures: Women in Cybersecurity

IT SECURITY OFFICER. Department: Information Technology. Pay Range: Professional 18

Cyber Security in Timothy Brown Dell Fellow and CTO Dell Security

Certiport Certification Programs

What Does the Future Look Like for Business Continuity Professionals?

UTCS Scholarships for Service

Challenges and games to inspire the next generation of cyber security professionals

Certificate Program in Project Management

Operationalizing Cybersecurity in Healthcare IT Security & Risk Management Study Quantitative and Qualitative Research Program Results

BECOME TOMORROW S LEADER, TODAY. SEE WHAT S NEXT, NOW

CATALYZING CYBER SECURITY INNOVATION THROUGH CYBER DEFENSE COMPETITIONS

IT Security: Managing a New Reality

Shri Vaishnav Vidyapeeth Vishwavidyalaya, Indore Shri Vaishnav Institute of Information Technology

ISACA West Florida Chapter - Cybersecurity Event

The Widening Talent Gap: The greatest security challenge of our time

Immersion Academy Annual Report 2017

A New Cyber Defense Management Regulation. Ophir Zilbiger, CRISC, CISSP SECOZ CEO

Barbara Ciaramitaro, lead professor of IT and cyber security at Walsh College in Troy

Sales Presentation Case 2018 Dell EMC

MALAYSIA S APPROACH IN CAPACITY BUILDING. Dr Amirudin Abdul Wahab Chief Executive Officer CyberSecurity Malaysia 24 March 2017

The Quest for Independence - Information Security Management Pyramid. Mikhail Utin, CISSP, PhD, Daniil Utin, MS and Rubos, Inc.

U.S. Department of Homeland Security Office of Cybersecurity & Communications

itsm003 v.3.0 DxCERTS IT & NIST Cybersecurity Digital Transformation (Dx) Enterprise Training Curriculum

chief information security officer

CYBERSECURITY HOW IT IS TRANSFORMING THE IT ASSURANCE FIELD

CISCO NETWORKING ACADEMY CASE STUDY

Certified Manager Certification

IT Skills Required for Business Innovation

Quick Base Certification Overview

Training and Certifying Security Testers Beyond Penetration Testing

The fast track to top skills and top jobs in cyber. Guaranteed.

House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection Hearing:

Canada Highlights. Cybersecurity: Do you know which protective measures will make your company cyber resilient?

BRING EXPERT TRAINING TO YOUR WORKPLACE.

Understanding Cybersecurity Talent Needs Findings From Surveys of Business Executives and College Presidents

Cyberbit Range. A Global Success Story by CYBERBIT 2017 by CYBERBIT Proprietary CYBERBIT Proprietary

RISK MANAGEMENT Education and Certification

MY CERTIFICATION HELPED ME GET HERE. MY MEMBERSHIP HELPS KEEP ME HERE.

ISACA Enterprise. Solutions and Resources

UNIT ONE. Introduction to CyberPatriot and Cybersecurity. AIR FORCE ASSOCIATION S CYBERPATRIOT

Opening Doors to Cyber and Homeland Security Careers

The fast track to top skills and top jobs in cyber. FREE TO TRANSITIONING VETERANS

A United States Cyber Academy Program

Is Your Investment in Cybersecurity Training Paying Off?

Must Have Items for Your Cybersecurity or IT Budget in 2018

2015 VORMETRIC INSIDER THREAT REPORT

CONTINUING PROFESSIONAL DEVELOPMENT REGULATIONS

Creating a Cybersecurity Culture: (ISC)2 Survey Responses

building for my Future 2013 Certification

Cybersecurity Workshop: Critical Cybersecurity Education & Professional Development

SANS/REN-ISAC Partnership

Build Your Cybersecurity Team: Create a Strong Cybersecurity Workforce Using Best Practices in Development

The fast track to top skills and top jobs in cyber. Guaranteed. FREE TO TRANSITIONING VETERANS

Debate - Cybersecurity

PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

itsm003 v.3.0 NISTCSF.COM NICE Training Curriculum & Workforce Planning Program

New CEPIS Mission

Cyber Security and Cyber Fraud

Presented by National CyberWatch Center March 31, April 1 & 2, 2016 Johns Hopkins University Applied Physics Lab Laurel, Maryland

Building the Cybersecurity Workforce. November 2017

Cyber Security: It s all about TRUST

ISACA MOSCOW CHAPTER Chapter meeting 22 September 2016

Securing the Internet of Things (IoT) at the U.S. Department of Veterans Affairs

Introducing Maryville University s CYBER SECURITY ONLINE PROGRAMS. Bachelor of Science in Cyber Security & Master of Science in Cyber Security

Training + Information Sharing: Pillars of enhancing cybersecurity posture

CYBERSECURITY NEXUSTM (CSX) The Premier Source For Cyber Security Knowledge and Expertise

CLOSING IN FEDERAL ENDPOINT SECURITY

PROFESSIONAL MASTER S IN

PROTECTING ARIZONA AGAINST CYBER THREATS THE ARIZONA CYBERSECURITY TEAM

State of South Carolina Interim Security Assessment

Transcription:

Why the Security Workforce Needs More Women and Men ISSA International Conference Tammy Moskites, CIO/CISO, Venafi October 10, 2015

A Little Bit About Me 25+ Years in IT & Security Current CIO/CISO of Venafi Distinguished Fellow Ponemon Institute Former CISO of Time Warner Cable and Home Depot Various roles at Huntington National Bank, BankOne Nationwide ISSA, ISACA, InfraGard In Last 12 months I met with over 250 Global CISOs/CIOs

My Career Waitress/Bartender Customer Service Roles Word Processor Executive Assistant Medical Management Information Analyst Sr. Actuarial Trend Analyst IT 3 rd Level Support/Team Leader Help Desk Performance Manager/Malware SME IT Security/Identity Management Leader IT Security Division Manager Business Information Security Officer (BISO) IT Security Officer CISO CISO CIO/CISO

My Early Gender Challenges Tammy: What happened to my job announcement? Boss: I thought we should hire Simon because we cannot have you fixing computers AND working in a skirt. Oh and having to climb under desks and stuff... You understand

We Grow and Build & Learn From Our Experiences Information Security Officer Medical Management Analyst Sr. Actuarial Trend Analyst

Threat Landscape; it s ever-changing Data breaches are at an all time high More than 500 data breaches reported so far in 2015 (Identity Theft Resource Center) Data breaches cost ~$25 per exposed record (Ponemon Institute) Cyber criminals are always 10 steps ahead misusing keys and certificates to conduct APT-like attacks Attacks are becoming destructive in nature, costing companies millions in damages Anthem, Sony, OPM

Major Need for More Cybersecurity Pros The global workforce shortage of security professionals will reach 1.5 million in the next 5 years (Frost & Sullivan) Security jobs stay unfilled for ~10% longer than most tech jobs and pay $15,000 more annually (Burning Glass Technologies) Cyber security job postings grew 90% this year on DICE.com from last year for the same time period Tens of thousands of jobs that required a CISSP certification Zero unemployment rate in cyber security there are more jobs available than qualified professionals to fill them

Zero Unemployment Rate in IT/Security Salary inflation as everyone is competing for the same pool of potential applicants Productivity issues as cybersecurity professionals are barraged by headhunters and recruiters High turnover since cybersecurity professionals are constantly job hopping Inefficiencies as marginally-qualified cybersecurity professionals are getting jobs that they otherwise wouldn t be offered High costs as organizations are forced to pour money into training the inexperienced cybersecurity professionals they have to hire.

Others Agree The biggest challenge we have across the whole federal government is finding the right skills and talent and resources to do the heavy lifting we have to do across the board, particularly in the cyber area -- Federal CIO Tony Scott If more staff is required, a big challenge for most companies is finding the skill sets that they need in specific locations. The cybersecurity talent tends to be clumped into a number of geographic areas, while the need for cyber skills is widely distributed. The only way to hire right now is to steal people from other organizations or import them. -- John Pescatore, SANS

Gender Gaps in IT & InfoSec U.S. women made up only 26% of computing professionals in 2013 the same level from the 1960 s (AAUW) Only 1/5 of U.S. computer science and engineering degrees are earned by women other countries are way ahead Less than 11% of the overall cybersecurity workforce are women Efforts are underway to drive more interest Intel Security s $300M

The Skills Gap Its not a GENDER thing Source: (ISC)2 2015 GISWS Report

More Skills Gap Challenges We are still a long way off having enough of the right skills in industry to stay ahead of cyber-security threats. Aspiring cybersecurity professionals need to quickly learn both technical skills and an understanding of the business and human environment in which these threats exist. Skills must include understanding how hackers think, being able to assess the risks and understand how staff will respond to new IT and security systems, not just implementing the latest technology. Right now, we simply don't have enough of these skills to defend ourselves. -- Dr. Arosha Bandara, Senior Lecturer in Computing at the Open University

Student Survey

Developing the Next Generation of Cyber Warriors Educate early and often Increasingly, programs that target students from elementary school to college are promoting science, technology, engineering and math (STEM) education. Building the workforce of today and tomorrow Must Have Clearly Defined Roles Focus on training staff and keeping their skillset current

What Should Hiring Managers Look For? Do Degrees Matter? Certifications How Necessary Are They? CISM, CISSP You need 5 years of real-world experience Work Experience What else?

Hiring Great Teams Proven ability to think out of the box threats are fast moving Troubleshooting Find source of problems and ability to develop and implement solutions Adaptability Yes, Change is going to happen Communications skills Both in Writing and Verbal Do they FIT Are they a team player that will work well with your team

So Who do You Hire?

Human Resources Partnership Cybersecurity and IT Hiring Hiring Pool is empty especially Senior Leadership and Highly Skilled Retention is tough always getting headhunted for more money, perks, etc.. NextGen s being trained however they lack real experience Not finding enough work experience so cannot rely on certifications Skills are inconsistent be specific (don t ask for 5 years experience for a technology that is 3 years old) When you find a candidate MOVE FAST Must have constant current market value ready and kept current

Security Jobs Pay Well! There are over a million unfilled IT and cybersecurity jobs globally According to (ISC)2, the average pay is $99,000 annually for CISSP-certified professionals A 2014 Study showed a Director of Security base salary is $178,000; CISO is $193,000; CSO is $225,000. Salaries continue to grow and have increased 2015 by nearly 15% in Fortune 500 companies Cyber is quite a lucrative field to be in right now!

Great Teams How to Keep Them! Career Growth & New Opportunities Talent Nurturing Recognize excellence and talent Have open discussions about career growth/plans Evolve roles of your team members keep them challenged Celebrate Successes as a Team Continuous Education/Trainings - Encourage staff to obtain AND keep certifications current Team building Develop leadership skills of your team Have passion & enthusiasm Lead by example Involve your team in decision making Know your teammates we are all in this together! Always remind them they are one team 0f the much larger team and that is the COMPANY team!!!

Tammy Moskites CIO/CISO, Venafi Tammy.Moskites@venafi.com @QueenofCandor

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback