What is an expert in Cyber security ?

Patricia Cabot Cyber Security


There are 2 main job categories in relation to IT security:

1 – Managing the security that includes Chief Information Security Officers, Business Continuity Managers or dedicated contributors in charge of relaying good practice. Audit & Risks or Legal can also be included in that category.

Those experts work mainly within an organisation but they can also be independent or work for IT services providers.

CISO are technical experts with a degree in IT engineering, very often with a Master in IT Security and an broad IT and business expertise. They have generally worked as CIO or in Risks & Audit. They have a strategic role being able to communicate, to influence and to make key décisions.

I would like to share the vision of a French CAC 40 company CISO that I have met recently. He writes and publishes many articles on IT security but always anonymously.

“I consider the CISO to be a cyber-warrior; he must be capable of planning cyberwar strategies and above all be capable of understanding his exposure in order to put an end to the conflict while avoiding further attacks. ”

2 – Logical security, where we find the “super specialists”.

IT network engineers with specialisation in security, all types of experts such as penetration testers – “pentesters”, vulnerability assessment experts, cryptography experts, anti-malware software developers who must have network security competences in addition to their software development skills, and security architects who have now an even more important role due to new technologies such as the Cloud, Big Data or connected products.

Those experts work mostly for IT systems integrators, IT services providers and security software editors who in turn provide their expertise and services to a .

An ideal profile has an advanced degree in IT engineering, a cyber-security certification and a strong experience. In addition like many other emerging sectors, cyber- security is heaven for geeks and self-taught experts. Cyber-security training courses are reliable and value added and it is not uncommon for hackers to convert into security experts.<br/>

Patricia CABOT – February 2016

Faites du bruit !!!