What Companies Need

Members Only Subscribe to read the full article

There is a dearth of talent in the cybersecurity industry, and the talent that does exist tends to be very specific, with some skill sets being more rare than others. An IT guy with 15 years of experience in network engineering is not interchangeable with a skilled penetration tester (pentester), though these are both certainly needed skills for a cybersecurity program. For many companies, the lack of pentesters is a significant problem. And while there are a lot of pentesters working in the industry, there is still a shortage of exceptionally good ones.  What separates a mediocre pentester from a good or a great one, is not the number of tools or scripts memorized, nor how many certifications are listed on the resume.  No, it is by how cunning he or she is, and how shrewdly a pentester thinks. But even the really great pentesters still fall short in the expertise and mindset that a company needs when defending itself. 

What companies need is access to people with real world expertise, people who have a bit of a malicious mindset, and who have had the opportunity to perfect it – legally of course.  People whose skills and talent have been honed through extensive experience of planning and executing cyber attacks.  Essentially, these are people who have been advanced actors  working for the U.S. government against our nation’s adversaries.  In government parlance, these would be people with computer network operations (CNO) experience, computer network exploitation (CNE) experience, and operations officer (aka case officers).  The NSA and CIA are the premier proving grounds for this kind of experience, although there are a few other agencies that have a smaller portion of resources with similar experiences.

The Cipher Brief has become the most popular outlet for former intelligence officers; no media outlet is even a close second to The Cipher Brief in terms of the number of articles published by formers.” —Sept. 2018, Studies in Intelligence, Vol. 62

Access all of The Cipher Brief‘s national security-focused expert insight by becoming a Cipher Brief Subscriber+Member.

Continue Reading

Get access to all our briefs

Sign up Today

Categorized as:Tech/CyberTagged with: