FutureNow – Creative and Leisure Industries Training Council Inc
  • About us
    • About FutureNow
    • About Workforce Development
    • About Training Councils
    • Government Links
    • Information for Training Providers
    • Governance
  • Industries & career resources
    • Performing Arts
    • Visual Arts & Design
    • Galleries, Museums & Libraries
    • Screen
    • Media & Publishing
    • Performing Arts
    • Events
    • Travel & Tourism
    • Hospitality
    • Career information resources
  • Skills and education
    • Qualifications
    • Traineeships & Apprenticeships
    • VET for Secondary Schools
    • Priority Occupations
  • News
    • Current News
    • eNews Signup
    • eNews Archive
  • Contact
  • About us
    • About FutureNow
    • About Workforce Development
    • About Training Councils
    • Government Links
    • Information for Training Providers
    • Governance
  • Industries & career resources
    • Performing Arts
    • Visual Arts & Design
    • Galleries, Museums & Libraries
    • Screen
    • Media & Publishing
    • Performing Arts
    • Events
    • Travel & Tourism
    • Hospitality
    • Career information resources
  • Skills and education
    • Qualifications
    • Traineeships & Apprenticeships
    • VET for Secondary Schools
    • Priority Occupations
  • News
    • Current News
    • eNews Signup
    • eNews Archive
  • Contact
Search

Current News

What Skills Does a Cybersecurity Professional Need?

26/11/2018

 
File 20181123 149721 109zmdp.jpg?ixlib=rb 1.1
Cybersecurity professionals work in software development, network testing, incident response and policy development. Shutterstock
Joanne Hall, RMIT University

Cyber crime is a threat to every organisation that operates internet-connected devices. It’s highly profitable, highly disruptive, and hard to police due to the transnational nature of cyberspace.

Incidences of cyber crime might include fraud, identity theft or privacy breaches, which can have a high personal impact. Ransomware, which locks a system and demands payment, can have widespread economic or healthcare implications.

In the past year, 25% of the Australian adult population was impacted by cyber crime. If we want a robust and resilient society, we need cybersecurity professionals defending every organisation from cyber attack.

Cybersecurity professionals might work in software development, network testing, incident response, or policy development to ensure the security of an organisation.

In popular culture, these experts are often portrayed as lone hackers in hoodies. But in reality, cybersecurity professionals must regularly communicate with a variety of audiences. They must also display a high degree of personal integrity.


Read more: What teenagers need to know about cybersecurity


What cybersecurity professionals do

To ensure our cybersecurity classes are teaching skills relevant to industry, we consult with security professionals about the skills they are looking for.

As well as technical skills, they tell us they want those they hire to have communication skills, work well in teams, and show empathy and integrity.

The following scenarios show what cybersecurity professionals do on a daily basis. (Names and details have been changed.)

Ensuring systems are compliant

Anna is a software developer for an online retailer. She notices that one of their systems is processing credit card transactions in a way that does not comply with the Payment Card Industry Standards.

The technical project leader does not understand the legal jargon of the PCI standard. The business and legal staff do not understand the software processes behind credit card transactions.

It’s Anna’s job to bring together technical, legal, and business operations staff to discuss the resources required to fix this problem.

Identifying vulnerabilities

Basim is a security specialist working for a consulting company. His team has been contracted by a superannuation fund to conduct a simulated attack on the fund’s network.

Basim’s team grabs a round of coffees and sits around the whiteboard to develop a plan. That afternoon they find a way to change the password of every customer, using a commonly known vulnerability.

Basim immediately calls the super fund to notify them of the dangerous vulnerability. He then spends the rest of the afternoon working with the super fund’s IT team to begin to fix the issue.

The team continues with the simulated attack for three more days and finds a few (less urgent) vulnerabilities. The team collates the attack notes and writes a comprehensive report. The next day Basim hands over the report and delivers a presentation to key members of the super fund.


Read more: Some cybersecurity apps could be worse for privacy than nothing at all


Monitoring and responding to attacks

Chiyo works in the Security Operations Centre of a university. Her team has set up monitoring systems that alert them to any malicious software (malware) on the university network.

The monitoring system alerts her to some unusual activity with a staff email account, and automatically disables that account. She investigates and finds that a staff member has opened an email attachment containing malware.

Chiyo calls the staff member to notify them that their account has been disabled and discusses the process to regain access. A member of Chiyo’s team configures the email filter and firewall to block the source of malware.

Meanwhile Chiyo walks over to the staff member’s office and erases all data on the infected computer. She then works with the staff member to reinstate the email account, set up software, and retrieve documents from backup storage.

Preventing data breaches

Dimitry works in the cyber security team for a government department. His team is asked to analyse the policies, procedures, and structures of the department to look for risks to citizens’ privacy. He discusses the current laws and best practices with a colleague from the Office of the Australian Information Commissioner.

Dimitry’s team identifies five processes where there is a high risk for personal data to be leaked. They analyse each process, determine the likelihood of each type of problem, and examine the possible outcomes of each risk scenario. Dimitry develops a plan and budget to reduce each of the risks. He presents a report to the Minister and the Department Secretary.

The Department Secretary determines that there is a strong case to implement the plan for two of the risky procedures immediately. The other three risky procedures are deemed low-priority, and will be re-examined in six months’ time. Dimitry sets up a team to implement the remediation plan.


Read more: It's time for governments to help their citizens deal with cybersecurity


Integrity and communications skills are essential

These scenarios highlight that, in addition to their technical skills, cybersecurity professionals need to work in teams and communicate with a variety of people.

In each case, the security professional had access to information that could easily be sold on the black market, or exploited for personal gain. Anna could have stolen credit card details. Basim’s team knew about some vulnerabilities three days before they informed the super fund. Chiyo had access to a staff member’s entire email history. Dimitry knows about three vulnerable processes that will not be changed for six months.

Personal integrity is crucial to maintain the security of these highly sensitive systems.

Communication with non-technical staff is essential to ensuring that best practice is implemented across an organisation. A strong ethical framework is an absolute necessity for security staff. The best technical staff will only build a safer organisation if their communication skills are strong and their personal integrity is unwavering.The Conversation

Joanne Hall, Lecturer in Mathematics and Cybersecurity, RMIT University

This article is republished from The Conversation under a Creative Commons license. Read the original article.


Comments are closed.

    Categories

    All
    Aboriginal
    Accommodation
    Apprentices
    Aquatics
    Arts
    Aviation
    Awards
    Conferences
    Cruise
    Employer Incentives
    Events
    Food Services
    Funding
    Galleries And Museums
    Governance
    Higher Education
    Information Communication Technology
    Jobs
    Mental Health
    National
    NCVER
    Outdoor Recreation
    Performing Arts
    Print
    Professional Development
    Recreation
    Regional WA
    Research
    Screen
    Sport
    Tourism
    Trails
    Trainees
    Training
    Travel
    VET In Schools
    Western Australia

    Archives

    March 2025
    January 2025
    December 2024
    November 2024
    October 2024
    September 2024
    August 2024
    July 2024
    June 2024
    May 2024
    April 2024
    March 2024
    February 2024
    January 2024
    December 2023
    November 2023
    October 2023
    September 2023
    August 2023
    July 2023
    June 2023
    May 2023
    April 2023
    March 2023
    February 2023
    January 2023
    December 2022
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018

    RSS Feed

Picture

Signup for our eNews

* indicates required
​Privacy and Confidentiality Policy
Visit LinkedIn
Website by Digital Dorado
  • About us
    • About FutureNow
    • About Workforce Development
    • About Training Councils
    • Government Links
    • Information for Training Providers
    • Governance
  • Industries & career resources
    • Performing Arts
    • Visual Arts & Design
    • Galleries, Museums & Libraries
    • Screen
    • Media & Publishing
    • Performing Arts
    • Events
    • Travel & Tourism
    • Hospitality
    • Career information resources
  • Skills and education
    • Qualifications
    • Traineeships & Apprenticeships
    • VET for Secondary Schools
    • Priority Occupations
  • News
    • Current News
    • eNews Signup
    • eNews Archive
  • Contact