Category Archives: careers

Smashing Security podcast #200: Two flipping hundred

We're in celebratory mood as we celebrate our 200th episode, but there's still time to discuss Fatima the ballerina who the UK government wants to become a cybersecurity expert, why women are quitting the tech industry, and a smartwatch which might be putting your kids at risk. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

The Internet Wants YOU: Consider a Career in Cyber Security.

With the continuous state of change in the global threat landscape, organizations face cyber attacks and security breaches that are growing in frequency and sophistication every day. But now, consider this: according to a study by the Center for Cyber Safety and Education, there will be a shortage of 1.8 million information security workers by 2022. This gap should be of great concern to organizations.

Skilled people make the difference in protecting sensitive data, so it’s more critical than ever that organizations begin to attract and retain the cybersecurity talent needed to defend against the evolving threat landscape. At Connection, we help inspire individuals coming out of universities to engage in co-op or intern-related opportunities, and I strongly encourage other organizations to see what they can do to help young people today who are really interested in building their skills in this area.

The figures don’t lie. The demand for cyber security will only continue to grow. Through local collaborative efforts between employers, training providers, and community leaders, we can ensure individuals have the opportunity to build on their tech knowledge and participate in a secure, thriving economy.

The post The Internet Wants YOU: Consider a Career in Cyber Security. appeared first on Connected.

Cyber Security Careers Are in High Demand

It’s impossible to overstate the importance of security in today’s digital world. Cyber attacks are growing in frequency and sophistication every day, and a key risk to our economy and security is the lack of professionals to protect our growing networks. According to a study by the Center for Cyber Safety and Education, by 2022, there will be a shortage of 1.8 million information security workers. So, it’s critical that that we begin now to prepare our students—and any others who are interested in making a career move—to fill these gaps. Many colleges and universities have developed information assurance programs that help technical, security-minded students achieve a great foundation in this industry. We also challenge corporations to offer intern and co-op opportunities for students in these degree programs, so they can see what security looks like in practical, business-world applications.

Connection is committed to promoting cyber security and online safety.  Cyber security is a viable and rewarding profession and we encourage people from all backgrounds to see information security as an essential career path.

Read this next:

The post Cyber Security Careers Are in High Demand appeared first on Connected.

Career Paths in Cybersecurity Interview Series: Jed Mitten, Principal Consultant

Recently, I caught-up with M-Unition bloggers Willi Ballenthin and Jed Mitten to discuss their career paths in cybersecurity. Today's blog post focuses on Jed, a principal consultant who has been with Mandiant over five years.

Helena Brito: Jed, how did you get interested in cybersecurity?

Jed Mitten: Well, when I was an undergrad my focus was on computer science: programming, data structure and algorithm analysis. The idea of virus detection was still really hot back at the time and developing heuristics sounded very cool to me. While I was working on my Bachelor's Degree I got interested in learning more about cybersecurity, so I took a class specifically on it and found it to be quite interesting. It also helped that a pretty great instructor was running the class. So that was my first taste of actual information security and, after I graduated, I wrote personnel management applications for two years in the government sector.

Halfway through that second year of programming, I realized I was not following my passion. I researched some graduate programs and found the Information Networking Institute at Carnegie Mellon University best fit my interests. Near the end of my time at CMU, I was approached by an alumnus of the INI who had begun working at Mandiant. I found the company to be a good fit for me and decided to join. I've been with Mandiant ever since.

Helena Brito: At Mandiant you're well-known for creating one of our most popular tools, Highlighter™. Do you want to give some background on Highlighter and tell our readers what inspired you and Jason Luttgens (co-creator of the tool) to make this freeware tool?

Jed Mitten: Well, I had the good fortune of sitting in the same cubicle as Jason when Mandiant moved into its first office in Alexandria, VA. One day, Jason was doing some of his magic and came across a problem of getting rid of data in log files that he knew was good. He didn't want it to bog him down visually while looking for stuff. Literally the next day Jason wrote a program called "Get Out of My Face." He showed it to me and we discussed what else could be done with the tool, such as statistics. So we hashed it around a little bit and gave the tool to some of our consultant buddies in the company, and a few external to Mandiant.

Through that process we got some pretty amazing feedback that eventually created the first iteration of Highlighter. The tool has been improving slowly but surely as the Highlighter community - a larger community now - uses it and asks for specific requests.

Helena Brito: I see that you are a member of the M-Unition blog team. Do you have any upcoming posts that you'd like to talk about or any ideas for posts that you want to write in 2013?

Jed Mitten: Recently, I reached-out to some Highlighter super users and created a series based on interviews with those users. The first post from that series just went up. Generally, I'd like to do some more posts on Highlighter; tips and tricks on some features that aren't currently used as much as more well-known features. I don't get much time for research in my daily life, but when I do I'll share it.

Helena Brito: You moved out to San Diego, California about a year-and-a-half ago. In that time, what have you done to get involved with the local tech communities out there?

Jed Mitten: Luckily, there's a lot of tech in San Diego, specifically biotech and military. Because of this I've had an opportunity to connect with some of the locals that may not do the same work I do, but work in the same security space. Whether they're developers, forensic analysts or on the penetration testing side, we all learn from one another.

I've joined local chapters of professional organizations such as HTCIA (High-Tech Crime Association) and ISSA. I hope to check out the B-Sides in Los Angeles and maybe head up to Silicon Valley once in a while to check-out the industry in that area.

Helena Brito: Is there any advice you'd like to give to people who are just getting out of school and are interested in a career in cybersecurity?

Jed Mitten: I've been asked this question a few times in my life and I sort of see three paths to get to where I am or to get to a similar, perhaps lateral, place to where I am. The first path is through the military. I know some really excellent, super-technically-savvy, creative people that came out of the military. I only met them at Mandiant, and it was kind of an eye-opener because I got to see firsthand the quality experience the military can offer people in infosec.

The second path is formal education, which was my personal path. I went to college, started at a two-year university and moved to a four-year and then went on to grad school. The education path allowed me to choose my own adventure to get to where I wanted to go. However, it's important to note that I had a clear vision for what I wanted and that helped keep me focused. Having a clear vision for your career is very important, I believe. No matter where you start, having a clear vision of where you want to end up will keep you on the right track.

The third path is for those who are just so interested in the topic of security that they follow their passion. They may have formal education, but it may not be in the career that they've chosen within security, so they get active in the community and push themselves into what they want to focus on. Having a mentor to look up to with this path is crucial as they can guide you and offer support.

Helena Brito: Thank you Jed for discussing your career path in cybersecurity. I know our readers will learn a lot from your personal experience as an infosec professional.