So You Want to Be a Cyber Security Professional - page 3
Open The Door To A Cyber Security Career
A good place for US citizens to get started in cyber security is in the United States military.
Rice remarked, "The military is great, as is any service organization, in serving the country. In so far as you are using it to not only to serve the infrastructure and protect it, but also because the military spends an enormous amount of money to get people up to speed. It's a great place to go to build your skills. The Air Force has a great program... the Navy has developed great programs."
Getting good cyber security technical experience and serving your country are benefits of joining the military, although it may not be a long-term career path, at least right now. Although the focus is shifting somewhat, information technology expertise has always been a secondary consideration, behind bringing military force to bear.
"The military is all about putting steel on the target," Rice said. "So, IT will always be an ancillary goal. When you start talking about running important communications systems, using it for the viability of any force, whether a military force or nation state, you really need to make sure the infrastructure is well protected. And that means it's more than people just running consoles. You need to educate them. So, in terms of looking for educational funding, the military is an awesome place to go."
When asked about university-based cyber security programs, Rice had this to say:
"Based on my limited exposure, James Madison University has an awesome program, but that's obviously biased because I'm an adjunct [professor] there. And, Virginia Tech has a phenomenal program. They not only do security right, in terms of the instructors but also how they implement security... the operational thing. They also seem to educate their students well because they have a 'do and teach' model. They do it right and then they take that experience and teach it well. Berkeley, of course, and UCSD have great programs."
Rice discussed the philosophy of professionals in cyber security and how a newcomer to the field might bolster their commitment and motivation.
In other words, what's the answer to, "Hey, I want to get into this, what would you tell me?"
"When you really want to get interested in something, its best to find projects that really builds a new experience. A professional builds experience, not only in the strategic sense of where he wants to go, but specific projects that provide interest and reinforces the things he's trying to do. That means taking security courses, or being a security administrator, you know part time, or something like that outside of school. And living the security. There's nothing like exposure to actual operational needs. And seeing not only security, by itself, but how businesses affect security. Most security professionals feel this, what the sales community calls pushback", Rice replied.
Rice gave an example of the conflict and learning experience that a new security tech might face. A supervisor might say, "Oh, you should really do this more securely." But, then the company hasn't allocated the budget to make the system more secure.
"Well, there's the education of security, but for education in terms of how security fits into business, by going to the outside world and being a security admin, or something like that, then you get to see how security fits into the big picture and why we don't have the security that we want," Rice said.