The Warp Speed Evolution of IT Security Expertise (and How Certification Can Help)

Published April 09, 2012

By Natalie Timms, CCIE Security Track Program Manager

In an era of BYOD, network security professionals are increasingly charged with the crucial task of balancing control with access. They’d better know what they’re doing.

Not so long ago, IT personnel spent time building standalone firewall systems and locking down network services based on their knowledge of IP packet handling. The Internet was still considered the realm of educational and government entities, and security features were supported by the existing network and administrative staff.

Now, the Internet is everywhere, existing in homes, offices, coffee shops and every teenager’s pocket! Accessibility and openness are now a benefit for businesses and industry sectors valuing information sharing and collaboration when it comes to revenue and innovation; however, openness of information and accessibility doesn’t mean an open policy when it comes to data security and assets. Somebody has to take charge of balancing control and access, and that’s a role that is increasingly part of an IT security professional’s job description. Security specialists are adjusting policies and protections to specific guidelines and objectives due to the diversity in open communication

We have transitioned from a boundary-based collection of static network entities communicating selectively with each other to a borderless collection of dynamic identities that have various needs depending on where they are at a certain period of time.

As networks grow and take on new identities, so do their security needs. Employers now seek out security professionals that have the knowledge and expertise to not only meet current requirements but also help plan for the future. The days just poking holes for well-known ports through a standalone firewall are over.  Welcome to the world of BYOD (bring your own device).

From a high level, today’s security professionals are expected to perform in these key areas:

• Respond immediately to any type of threat or new discovery to determine the risk and set the priority for resolution. Includes monitoring security threat sources (bulletins) and providing communication on discovered vulnerabilities or threats with consideration of how they relate to the company.
• Assess, discover and mitigate security holes, attacks and breaches using vulnerability scanners, application scanners, firewalls, endpoints, etc. Protect against day-zero attacks.
• Engineer, implement and administer network security systems and solutions in conjunction with the network engineering team, including performing firewall, remote access, authentication/privacy measure reviews to ensure compliance and correctness of policies.  Also install, configure, upgrade, test and evaluate new features, and troubleshoot the design, configuration and implementation of devices and solutions.
• Understand how security features and protocols interact with the underlying network infrastructure and features. Security is key, but availability and performance are also critical.
• Enforce compliance – industry, company, and government, as applicable.
• Perform or oversee any vulnerability scans and penetration testing, as well as conduct both network and user activity audits where required.
• Provide input into the security road map by researching industry trends, best practices, third-party offerings and vulnerability disclosures. Advise management and appropriate technology teams of recommended action items, working closely with other departments on crossover improvements and projects.
• Assist with training, awareness and policing for all technology and business staff on security issues: topics, best practices and specific areas of improvement. Includes assisting in the training and mentoring of other security team members.
• Provide input into security documentation: metrics, high availability and disaster recovery solutions, incident response plans, corporate security policies, etc.

Finding qualified individuals to handle a task list that is so technical, so diverse and so critical is a challenge to employers.  That’s where job-related certifications can come into play, but only if two key criteria are met:  Employers must trust that awarded credentials are industry recognized and respected, and IT professionals must also feel confident that the time, effort and money spent on certification are worthwhile, placing them in good standing when applying for a position.

The best security certification programs uniquely combine job role analysis, theoretical knowledge and practical application of security suitable for a wide variety of IT professionals, including:

• Network security administrators
• Network security engineers
• IT professionals supporting both network and host security
• Network security auditors
• Network managers dealing with network security
• Enterprise/Industry CERT team members
• Network security consultants
• Network security designers/architects
• IT network security policy makers
• Enterprise/Vendor network security support personnel
• Network security trainers
• Network equipment vendor security test engineers

These job roles are constantly evolving, and employers face a constant challenge to identify and retain qualified individuals to place in charge of critical network security functions. Industry-recognized certifications, such as Cisco’s CCIE Security credential, can be of great help in this task. Cisco works constantly ensure its credentials reflect real life, relevant and dynamic security trends, and the bar for achieving the CCIE Security credential is set very high. In the rapidly changing arena of network security, it’s one of the key credentials that both employers and IT professionals can use to identify network security expertise.