Here’s how to pivot with a learning attitude
Top line: While cybersecurity jobs are growing rapidly and showing strong wage growth, many people are intimidated by these jobs due to the perception that these jobs require significant technical skills. However, evidence from Offensive Security shows that a growth mindset is much more important: technical information comes and goes, but attitude is what remains.
Cyber security remains one of the fastest growing professions in wages and employment, not only historically, but also over the next decade. For example, it is estimated that employment in information security analyst occupations will increase by 31.2% between 2019 and 2029. Likewise, the median income for 2019 in these occupations is $ 100,000 / year. .
And yet there is a significant skills gap. In fact, recent research from Emsi found that the United States has less than half of the cybersecurity candidates it needs to handle growing demand. This has made it difficult for organizations to find the right talent who can secure their digital assets and protect their brand. Information security will only grow in importance as the digital economy grows: malicious cyber attacks lead to revenue theft, uncertainty, public mistrust and a basis for economic and national security. vulnerable.
Misalignment in higher education leads to talent gaps
According to Retired Admiral William McRaven, former commander of the US Navy SEAL and head of the US Special Operations Command, “Unless we provide quality opportunity and education for young men and women in the United States, we will not have the right people to be able to make the right decisions about our national security. Additionally, the US Cyberspace Solarium Commission made similar recommendations in its July report, arguing for an expansion of cyber-content into K-12 curricula and hands-on vocational training.
However, the current educational infrastructure is not well suited to serve a new generation of learners. Universities have traditionally failed to respond to labor market signals about the demand for different skills. Since the tenure of faculty is motivated solely by publication in academic journals, there is little incentive for faculty to keep pace with the changing needs of employers.
These challenges in higher education came to the fore during the pandemic. For example, there was a 20% drop in enrollment in the fall for four-year degree programs. This has led to growing concerns among university administrators about the financial health of their institutions. While some have responded by temporarily lowering their tuition fees in the absence of in-person classes, many have not, leading to dissatisfaction with students and parents alike.
If we are to see a change in learning outcomes, it is unlikely that it will come from incumbents, especially since they are grappling with their own financial insecurities. But, EdTech companies have fortunately stepped in to fill some of these gaps, providing learners with inexpensive and effective options for taking ownership of their careers.
Case study: offensive security
Offensive Security is one of the world’s leading companies specializing in training people for careers in information security, offering learning options to become an Offensive Security Certified Professional (OSCP).
Unlike many other vendors in the space, Offensive Security provides people with not only technical information, but also a mindset centered on intellectual curiosity and persistence. Technical information comes and goes, but a state of mind remains forever. This is one of the reasons why science, technology, engineering, and math (STEM) workers so often experience a plateau in their earning power: failing to learn new things every day. , what you know will depreciate.
Certainly, having a technical background will help, but it is neither a sufficient condition nor a necessary condition to become a good cybersecurity worker. This should be heartwarming news given that so many industries have been hit hard during the pandemic, ranging from the arts to entertainment, which means anyone who is brave can commit to learning a few new tricks and they will have a whole new one. set of career opportunities available.
One of the ways that Offensive Security helps instill a disciplined and inquisitive mindset is through hands-on training and labs that mimic real-world security networks. Specifically, their labs are made up of machines and networks that mimic what hackers try to do in the real world.
According to Ning Wang, CEO of Offensive Security, “Attackers come up with new hacking techniques as quickly as defenders find ways to stop them. This means that all technical knowledge expires quickly, making an inquisitive and creative mindset more valuable to a successful cybersecurity professional than any type of technical skill. It’s important to adopt an adversarial mindset, continually looking beyond the obvious and trying to identify gaps in your defenses before an attacker does, rather than just learning to use the tools.
There are two tracks for their “Proving Grounds” training: a free level (“Proving Grounds Play”) and a paid level at $ 19 / month (“Proving Grounds Practice”). Both provide machines you work on and experiment with cybersecurity and penetration testing techniques, but their difficulty and capabilities vary.
Depending on the level of comfort of the learner, there are different degrees of difficulty. For example, Offensive Security creates guides that help guide the learner through lesson plans, providing step-by-step instructions on how to work on the machines. It is important to note, however, that the option is not available at the beginning: learners are forced to try to struggle with the exercise until they really need help. There are also cheats that work the same way, but using them takes away “points.” To further increase user engagement, Offensive Security strives to “gamify” these exercises and make them a competition.
Causes of optimism
Offensive Security is an illustrative example of continuous innovation to improve the way people learn, especially in complex and creative tasks. They have shown that it doesn’t matter if you are really young, or even have a technical background. You just need the will to stick to a task and persevere.
Take the example of Mihai, a 16-year-old Romanian high school student eager to learn more about information security. But, Mihai didn’t start out as a pro, it was the result of countless hours of practice. It gives confidence to anyone without a job, but who has courage and an intellectual curiosity to experiment and learn something new.
There is no manual for becoming a cybersecurity expert, but diligence and practice with the right tools lead the way. The same lessons hold for other skill sets besides cybersecurity, such as data science. Datacamp, for example, has become a leader in training learners of all ages to program in different languages and is becoming something between a novice and a professional data scientist.