Interview with Kaspersky - the fundamentals of building cybersecurity skillsBy Ryan Noik 22 July 2019 | Categories: interviews
In the wake of World Skills Day, which took place last week, Riaan Badenhorst (RB), general manager of Kaspersky in Africa chats to Ryan Noik (RN) about upskilling the youth, the skills most needed for a successful career in the growing cybersecurity arena and what impact automation will have on professionals' prospects in the future.
RN: Why is it important to encourage the youth to upskill in cybersecurity practices and defences?
RB: The world is transforming digitally, where technology is consistently evolving and will continue to shape almost every aspect of life. The reality of cybercrime and the rate at which cybercrime tactics and activity is growing, results in a digital environment that's filled with malicious threats for all users – if they aren't suitably protected.
The youth, who are growing up exposed to all aspects digital and are leading digitally driven lives, not only need to be aware of the risk of cybercrime and the associated cyber threats that exist in the digital world, but also how to protect themselves and their devices against these. The youth need to be able to ensure they can identify a possible threat and act accordingly to avoid falling victim and having to deal with the impact cybercrime can have.
This requires the youth to upskill in the field of cybersecurity. Knowing what threats exist, how they can fall victim, what precautionary measures to take, as well as how to protect devices and data and how to go about safely navigating this digital world, is critically important, to ensure effective protection against cyber-related threats.
RN: Why should one consider taking up a career in the cybersecurity space? What skills should they focus on learning and what opportunities exist in a career path in this sector?
RB: As data continues to grow and becomes a business-critical asset for most organisations, there is a growing need to protect data from cybercrime. Data can hold a wealth of value and as such is a massive target for cybercriminal activity. This, combined with the fact that cybercriminal activity is growing in sophistication (and will likely continue to do so as technology evolves), means that cybersecurity expertise is a growing need, yet a shortage of these skills exists today. In fact, ESG’s annual IT survey, in 2018-2019, highlighted that 53% of survey respondents reported a problematic shortage of cybersecurity skills at their organisation.
Based on this, there is a need for cybersecurity skills and therefore, it should be considered a potential career path.In fact, many opportunities exist in cybersecurity for those who are up for the challenge of protecting the world from cyberthreats. The cybersecurity space is one that is constantly evolving as technology trends emerge and as such it is also a field that allows individuals to consistently grow in their knowledge and skillset. It is an industry that presents various different challenges that keeps interest high.
Any student or graduate looking to break into the cybersecurity field should have a strong understanding of the fundamentals and a thorough technical understanding of networks. Outlined below are a few areas of focus:
- How servers work
- How clients work
- How networks and cloud services work
- How SPI firewalls work
- How Next Gen firewalls work
- How IPS/IDS systems work
- How exploits work
And for those interested in a serious career fighting malware, reverse-engineering skills are a must.
RN: Can you speak a bit about the training required to become an effective cybersecurity expert, considering that the security industry is so fast moving and changing so rapidly?
RB: There are foundational skills needed, which can be developed through set studies and graduate programmes. Some of the skills needed in this regard are highlighted above in answer 2. However, with technology consistently evolving, cybersecurity experts are required to continuously grow and improve their cybersecurity skills on a continuous basis, to be able to keep up with the evolving cybercriminal landscape. Threat Intelligence needs to be gained and expertise in the areas of malicious software, unwanted programmes and files (PuPs), investigation basics and phishing and open source intelligence is critical.
In recognising the need for continuous cybersecurity skills development, in 2017, Kaspersky launched Cybersecurity for IT Teams Online – an interactive training course designed to help IT teams develop their basic information security skills. The skills teams acquire during the course help enterprise support staff increase the quality of their cyber defenses.
RN: To what extent are cybersecurity jobs at risk of being replaced by AI, and machine learning, or is it your view that it is an arena where we can expect it to use humans and machines working together?
RB: While speculation is that a number of jobs are at risk of being replaced by AI, with increasing reliance on connected devices, the demand for cybersecurity professionals will only increase.
Cybersecurity remains crucial today and will be even more so as technology becomes the main facilitator of future jobs. From patient safety to protecting humans from possible AI gone awry, security needs to be factored into all technological processes, as cybercriminals will continue to attempt to exploit the opportunities created by an increasingly connected world.
RN: What additional skills do graduate students require to meet the needs of top cybersecurity companies and to contend with a continuously growing threat landscape? What does Kaspersky in particular look for in graduates?
RB: Over and above the skills outlined above, IT security staff need to be skilled in the advanced techniques that form a key component of effective enterprise threat management and mitigation strategies. Equipping the team with the most up-to-date knowledge will help defend an organisation against even the most sophisticated attacks.
Such skills include digital forensics, malware analysis, incident response, reporting and analytics to name a few.
At Kaspersky, we look at the certifications held, along with any internship experience, an understanding of the basics, any specialisation areas and of course attitude and mindset towards the industry. People are at the core of Kaspersky’s formula of success, and we do our best to be a great place to work for them.
RN: Are today’s youth particularly suited to the kind of mindset that cybersecurity professions will require – for example, being highly adaptable, digital natives?
RB: The digital natives are very well suited to this space and can add solid benefit and opportunity to the cybersecurity field. Their fast and fresh working minds can positively contribute to this unending war with the cybercriminals.
RN: What are the most important soft skills needed by youth in the digital age in general, and as regards cybersecurity in particular?
RB: A passion for the industry, technology and saving the world from cybercrime is key. It is also important to have an open mind to change and being open to tackling a variety of challenges. Everyday in this field is different and while not every day will be easy, the results will be worth it.
RN: Does working in cybersecurity lend itself to the types of working situations that we are seeing youth demand such as mobility, being able to work from anywhere, making a measurable impact on something bigger than themselves?
RB: Absolutely – a career in this field offers cybersecurity experts not only the opportunity to form part of a team dedicated to saving the world from cyberthreats, but to also play a role in truly changing lives – through encouraging dialog and offering educational programmes aimed at supporting international collaboration in the fight against cybercrime.
Most Read Articles
Have Your Say
What are your plans for the holiday season?