I love airplanes – who doesn’t? I watched a documentary the other night about how fighter jet technology is becoming so sophisticated that pilots just cannot keep up. Jets now fly so fast and maneuver so quickly that the average pilot physically cannot endure the environment; they will pass out from the G Forces. What engineers found out is that with more training and automation, they were able to take sophisticated equipment that was at the time very cool and sleek, but uncontrollable, to something that was actually usable and effective. As I discussed in one of my earlier blogs about the latest SBIC report, the marketplace is changing and traditional security tools that are cool, but highly niche-based, are no longer sufficient. Given the evolving threat landscape, the skills needed to manage and mitigate these new advanced threats are in short supply. To build up this talent, knowledge sharing will be critical.
Based on this new wave of required skills, I can’t help but think of the training these pilots needed to go through. It was training specific to how to handle this new more powerful machine, to tame it, and actually make it usable. So, like pilots, we need a global standard of training for an individual in the field of information security. What is desperately needed is a standard certification catered to the “next generation security analyst.” These are the analysts who actively monitor and manage a Security Operations Center (SOC) based not on perimeter-based defenses, but on full forensics and endpoint capabilities with powerful machine capabilities – not just a bunch of disparate tools tied together.
It’s a fact that organizations don’t have enough resources that can adequately do what needs to be done in a SOC. This presents a prime opportunity for a new, universal training program that covers the concepts, methodologies, and skills necessary for security professionals enacting cyber defense initiatives. A new standard needs to be created specifically for this advanced cyber defense space. As organizations build up their SOCs, they need personnel who can adequately handle activities such as:
- Monitoring alerting systems
- Triaging events to define when a cyber-incident has occurred
- Prioritizing events and incidents
- Specializing in areas of investigation around malware analysis or forensics
Here is where I call on security organizations across the globe to take advantage of this skills gap. Become the trusted advisors for these next generation security analysts. At RSA Conference 2012 in San Francisco, Art Coviello said it best:
“We need to champion and develop a new breed of Cyber Security Analyst…this new breed of analyst must have the right analytical skills, big picture thinking and much needed collaborative ‘people skills’ to ensure smooth information sharing with multiple stakeholders.”
Security is increasingly becoming a cross-functional, top of mind concern. As a result, we need more of these next generation security analysts who can effectively manage the SOC practices required in today’s environment. To get there, training is a necessity, just as it was for today’s pilots. This is where I see security organizations – both manufacturers as well as resellers – being in a prime position to introduce a new standard of InfoSec certifications. It’s like the famous line in the movie Top Gun: “I have the need for speed!” Now, it’s a matter of how we ensure we can control it.