This blog comes from Daniela Herrera, Senior Technical Content Developer for Security at Splunk, a Cisco company. Daniela builds technical courses for security operations center (SOC) roles as a part of Splunk’s education team. We are excited to have Daniela present in our “Find yourself in the future of cybersecurity” webinar on October 24, 2024. Get excited to learn more about Life on the Blue Team!
As I write this, Cyberseek’s supply and demand heat map[i] shows there are only enough cybersecurity workers in the United States to fill 85 percent of the cybersecurity jobs that employers demand. This doesn’t seem to be just a phenomenon in the United States. A recent World Economic Forum (WEF) report[ii] highlights a critical global shortage of nearly 4 million cybersecurity professionals, with industry demand increasing yearly. Zooming in on the details, the same WEF report indicates that women under 30 only represent 26 percent of the cybersecurity workforce in that age group, growing even smaller for older generations!
All of this makes me want to yell out, “HOW DO WE FIX THIS?!”
How do we fix this?
There are many reasons why we are in this situation. For example, misplaced perceptions that cybersecurity roles are highly technical or people needing to realize how much job variety and opportunities exist in cybersecurity, perhaps. This is why I would like to talk to you about the role of the Cybersecurity Analyst. It may sound like an interesting path for you.
Cybersecurity Analyst: a career path for you?
If we look at the career paths on Cyberseek’s map, there are currently more than 26,000 roles open for Cybersecurity Analysts in the U.S. alone. In other words, we need you out there!
Be a part of the Blue Team: the defenders
If you’re unfamiliar with this role, a Cybersecurity Analyst is considered part of the Blue Team in the Infosec color wheel[iii]: the defenders. Cybersecurity Analysts are usually a part of a security operations center (SOC). They are in charge of analyzing the data generated by networks and systems in order to mitigate threats.
Cyber analysts may do this by reviewing events generated by security tools to determine whether they indicate a threat — or by creating their own hypotheses and performing threat hunting across the existing data (or “thrunting,” as a dear friend likes to call it). In their role, they help protect organizations and individuals by quickly identifying threats and gathering critical information, enabling an organization to respond, contain the threat, or remediate the problem.
Sounds pretty cool, doesn’t it?
Is your but in the way?
“But I am not that technical.” “But I do not have programming skills.” “But, I don’t understand tech well.” “But, I’m not good at math.” “But, it sounds hard.”
I wouldn’t let any “buts” or thoughts like that discourage you just yet. Yes, a good foundation of networking and systems knowledge is important.
But what skills do you already have?
You may already have other skills that are critical for analysts to have, too. Think about it this way: technical skills can be learned, but the qualities that drive who you are are the ones that will help you be successful and have you stand out in any career you choose. Let’s take a look:
- Are you innately curious? Some of the best analysts I’ve met are; they almost have a need to understand why things occur in a certain way. They are attracted by puzzles and need to solve them. They possess a certain instinct — like detectives!
- Do you like to learn new things? Continuous learning is a critical skill for an industry that is constantly changing and where the number of technologies we need to work with increases every day. If you learn fast and get bored easily, this could be an industry and a role that will keep you on your toes! You’ll need to research and find answers almost all the time. Good analysts are not afraid of the unknown; they are the most engaged when they are learning something new.
- Are you a problem solver? If something is broken, do you want to fix it? Do you often see how things can be improved and you want to do it? If you hit a wall, do you like to think of multiple ways to try and overcome that challenge? As a Cybersecurity Analyst, you will run into many situations that require you to find solutions to interesting, or even strange, problems.
- Are you a creative thinker? Out-of-the-box thinking comes from being observant and creative with critical thinking sprinkled in. People who can see patterns and discover links and pathways that are not always obvious are valuable to the Blue Team. If you can see the big picture as well as the details, and how small changes might impact the other, then this could be the place for you.
- Do you care about people? Most Blue Team individuals I’ve met genuinely care about protecting the systems and data of organizations, and more importantly, the people behind them. We understand the importance of our role as cybersecurity defenders, and the potential consequences of security incidents, so there is a sense of satisfaction when we contribute to the mission.
Now, I don’t mean to say that if you see yourself on this list, a cybersecurity career path won’t be challenging for you. A career in cybersecurity can be challenging and even stressful at times. But if you identify with these 5 qualities, it could provide you with the right type of challenge for you.
Navigating cybersecurity career challenges
If a career in cybersecurity does become a bit challenging, here are a few more tips to help you along the way. You could even try to start practicing them now:
- Practice good communication. You will need to explain complex situations to audiences with different levels of technical knowledge. This will enable you to work across teams and up and down the organization.
- Learn to prioritize. All of these great qualities can lead us into paths that become dead ends or that are “interesting” but not necessarily the right path during an investigation. It is important to learn quickly how and what to prioritize so we don’t lose sight of the task at hand.
- Know when to ask for help. It is always good to recognize when we are out of our depth and to be able to ask for help, especially if there is a security issue that needs attention. Note that this goes both ways! You should also be open to offer help and answer questions if someone reaches out to you. We are all stronger when we can count on others.
- Manage stress in a healthy way. There will be emergencies, zero-day attacks, and situations that require a rapid response or unexpected long hours. It is very important to learn how to handle these situations in a healthy way to avoid burnout. Prioritize your health and safety, both physical and mental, and remember to make room for other things that you enjoy in your life.
Find yourself in the future of cybersecurity
If you want to learn more about entry-level cybersecurity jobs, join our upcoming webinar: Threat Monitoring – The Art of Cyber Vigilance. We will talk about some of the tools that analysts use to detect threats across networks and systems.
Register for this Find Yourself in the Future event
Threat Monitoring – The Art of Cyber Vigilance
Thursday, October 24, 2024, at 9:30 a.m. India Standard Time
Meet our speaker: Daniela Herrera
Daniela grew up in Mexico City, majored as an Electronic Systems Engineer and graduated with a CCNA through the Cisco Networking Academy program at her university. After working for Cisco and Cisco partners for a number of years, from technical support to design, deployment, and maintenance of secure networks, Daniela moved to the U.S. to expand her security knowledge, where she was a technical account manager for large enterprises across the United States and Latin America. Daniela is now a Senior Technical Course Developer for Security at Splunk, a Cisco company. As a part of Splunk’s education team, Daniela builds technical courses for Security Operations Center (SOC) roles.
Find yourself in the future
The Find yourself in the future program is your compass to navigating a career path that resonates with your passions. Through our quarterly virtual broadcasts, immerse yourself in the latest technology trends presented by Cisco experts. Discover the industry that ignites your enthusiasm. Join our events, learn the technology, and take the leap towards landing your dream job.
Sources
[i] Cyber seek’s Cybersecurity supply and demand heat map
[ii] WEF Strategic Cybersecurity Talent Framework 2024 (weforum.org)
[iii] Orange is the New Purple by April C. Wright (blackhat.com)
Insightful blog !
Amazing information
Interesting details
Good evening Mr Marcelo, please how do i start a career as a cybersecurity analyst since i don’t the funding capacity but i am zealous and ready to commit my energy and time. Where and how possibly can get assistance?
cybersecurity is taking more and more centre stage. valuable information. Thanks