Security

The Security Toolbox: Upskilling

This blog is part of a series to help organizations of any size optimize their security. Our experts provide insights and recommendations based on common security use cases, customer questions, and security software developer needs.

When it comes to cybersecurity training, it can be difficult to know which skills to develop and where to allocate the limited time most professionals have for continuing education. There are certain skills that everyone should cultivate, but additionally, security team members should continue to grow and evolve knowledge, certifications, and hands-on practice that’s relevant to their specific environment or target career environment. 

It’s not always necessary to obtain a college degree in cybersecurity to work in this field. What’s most important is to show mastery of functional skills and technology through experience and certifications when applicable. 

Historical knowledge isn’t enough to succeed in one of the many jobs available in the industry—an aggressive attitude towards upskilling results in more secure organizations. Cyber criminals continue to evolve and grow cyber threat capabilities, and it’s pertinent that cybersecurity professionals do the same to raise their preparedness, harden their organization’s security posture, and increase their value in the job market.

What are the general skills that all cybersecurity professionals should develop?

Regardless of your specialty, there are a few key skills that anyone working in cybersecurity or pursuing a career in cybersecurity should build and nurture.

Technical aptitude – Troubleshooting, maintaining, monitoring, and updating different technology systems, solutions, and products

Problem solving – The ability to determine the root cause of issues and mitigate them in complex, time-sensitive environments

Adept across platforms – Comfortable working with variable combinations of operating systems, computer systems, devices, locations, and networks

Detail-oriented – Every job description asks for this, but in the case of cybersecurity, vigilance for small variations in different systems or technologies can be the difference between stopping and missing cyber attacks

Communication skills – Today’s environments require cybersecurity professionals to communication with people in their own group, other departments, leadership, customers, and subordinates

Forensics skills – Understanding digital assets and where and how data is received, archived, accessed, and recovered

Hacking skills – Ethical hacking is the practice of understanding how a system can be breached so that gaps and vulnerabilities can be addressed

Lifelong learning – The desire and ability to continue to learn because cybersecurity is always changing as new threats, technologies, and solutions emerge

What are some good online programs and resources for cybersecurity training?

Hands-on learning opportunities such as wargaming simulations are a good place to start regardless of current skillsets. These scenario-based, real-time simulations offer realistic rehearsals in an engaging group setting. 

An ethical hacking course can also be an essential tool for learning about hacking concepts and tools. In addition, there are several globally recognized certifications such as CompTIA Security+ and Certified Information System Security Professional, or CISSP

Remember to spend time upskilling based on your career path and current needs. Other certifications such as HCISPP for Healthcare Security & Privacy or CC Entry-level Certification may be more appropriate choices than going directly for the CISSP, for example.

For those who want to grow from team member to manager, ISACA’s Certified Information Security Manager (CISM) certification can boost credibility for anyone who already possesses technical expertise and experience. ISACA offers credentials in several security areas including auditing and governance.

If you have the resources and time to dedicate to a weeks-long program, consider courses such as the Harvard online course for managing risk or the MIT Professional Certificate in Cybersecurity. Another option is the INFOSEC Institute, which provides personalized learning paths for security certifications, practice exams, and hands-on labs (including labs for MITRE ATT&CK).

Depending on your circumstances, your current employer may have resources for reimbursement or payment for certification courses or credentials. Many employers also provide access to employees for the entire course catalog on LinkedIn Learning.

Are there resources to grow skills specifically for VMware security technology?

Yes! The VMware Learning Course Catalog includes education options for VMware Carbon Black technology as well as training for other products that includes help to configure them with security in mind.

VMware certifications in the areas of Security and Network Virtualization are another way to grow your value in the cybersecurity marketplace.

Learn more about security for your unique environment

If you’re not sure about your security posture or the level of vulnerability in your organization’s IT environment, a security assessment can help you develop a clear view of your current state and possible remediations needed. Visit the Professional Services for Security resources section for overviews on the different types of assessments available, and contact us at [email protected] to learn more.

For more support, read the other blogs in this series: