One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 1600018 |
| Date de publication | 2020-03-16 12:00:00 (vue: 2020-03-16 13:01:37) |
| Titre | Do you have the GRIT to be a cybersecurity consultant? |
| Texte | As I read Angela Duckworth's GRIT, where she explains that the secret to outstanding achievement is not talent but a unique blend of passion and persistence she calls "grit," I was able to relate the need for this power of passion and perseverance to be a successful cybersecurity professional and more importantly a trusted cybersecurity consultant. It takes a combination of skills, education, and years of work experience. With the right leadership and the right organization, your security career is on the onward and upward from that point. Here are some things that I have learned along the way and want to share. Understanding of cybersecurity beyond technology and compliance As a cybersecurity consultant, you act as a trusted advisor, and this provides you the opportunity to work with customers to accelerate business security goals. You offer security recommendations that are designed to fit overall business objectives while providing compliance with the organization's regulations and policies. It is vital to hone in on practical communication skills. Effective communication is required to deal with security teams. You have to have regular effective communication with executives, department heads, and sometimes even the end-user. Without strong communication skills, it's nearly impossible to be a successful cybersecurity consultant. Beyond cyber speak, a cybersecurity consultant must be able to understand and explain the risks to the business operations when a security control fails. Ability to thrive under pressure Through all the years of delivering as a cyber consultant, one of the key attributes that I found to be common across all successful consultants is the ability to thrive in times of disruption. The consultant should have a passion for turning challenges and opportunities into long-term competitive advantages. An ability to prioritize your workload, work well under pressure, and concurrently manage customers' expectations is a vital part of being a good cybersecurity consultant. We often hear of folks wanting to be a cyber consultant ask about which tools to learn, which technologies to focus on etc. While all those are valid and relevant, having a practical business awareness and an understanding of the cybersecurity challenges faced by organizations is vital to be able to apply the right level of security controls. Team Player and Problem Solver As a cybersecurity consultant, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. It is necessary to understand how the consulting business operates and adds value to clients. One of the required critical attributes for a cyber consultant is to think broadly and ask questions about data, facts, and other information. You should be able to embrace diverse perspectives and welcome opposing and conflicting ideas. Knowledge and skill builder Develop your knowledge around national/international security standards, including NIST, PCI, CJIS, CMS, ISO, SOX, HIPAA, HITECH, and other regulatory requirements. Gain knowledge of network design, security protocols, and cloud integration security, with excellent analytical and problem-solving skills. Understanding the life cycle of network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures. In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform. Advanced understanding of TCP/IP, standard networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements. Understanding of malware analysis concepts and methods. Familiarity with the Cyber Kill Chain methodology. Knowledge of v |
| Envoyé | Oui |
| Condensat | an one we ability able about accelerate achievement across act active adds administration advanced advantages advisor all along analysis analytical angela apply architecture are around ask attack attacks attributes awareness aws azure background bash become being beyond blend broadly builder building business but calls can career certification certifications chain challenges cjis clients cloud cms combination common communication competitive complex compliance concepts concurrently configuration conflicting consultant consultants consulting continuous control controls courses credentials critical current customers customers' customized cyber cybersecurity cycle data databases deal dedication defense delivering department depth design designed develop directory disruption diverse down duckworth's education effective elements embrace end endless engineering enterprise etc even excellent execution executives expectations experience explain explains exploitation faced facts fails familiarity find fit flow focus folks found from gain general get goals good google grit happy have having heads hear help helping here hipaa hitech hone hope how ideas important importantly impossible improve including including: information initial insights integration intrusion iso issues it's jumpstart keen key kill knowledge lead leadership learn learned learning least level leveling life linux long looking make malware manage may methodology methods microsoft model more moving mssql must mysql national/international nearly necessary need nessus network networking new nipper nist not o365 objectives offer often one onward operates operating operations opportunities opportunity opposing oracle organization organization's organizations osi other outstanding overall part passion paths pci perl perseverance persistence perspectives php place platform player point policies ports possible power practical pressure prioritize problem procedures professional protocols provides providing python questions read recommendations regular regulations regulatory relate relevant required requirements review right risks role scripts secret security set share shared she should siem skill skills solve solver solvers solving some sometimes sox speak standard standards strategy strong successful such system systems tactics takes talent tcp/ip team teams technical techniques technologies technology term than them then these things think those threats thrive through times tools traffic trends trusted turning two under understand understanding undertake unique unix upward user using valid value various vectors virtualization vital want wanting way welcome well when where which windows without work workload write years you'll you're your |
| Tags | Malware Guideline |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.