I recently came across an interesting New York Times article highlighting the field of threat intelligence. Gartner expects the market for this security service to reach $1 billion next year, up from $255 million in 2013. Surely there must be job opportunities for the person with the right preparation, education, and credentials. I did more research into this technology career and came up with some interesting prospects.
Making Lemonade out of Lemons
In the article, the author cited a case of a family welding shop in Wisconsin that ran a small server for tracking orders, billings and suppliers. Their server was hacked, and they were totally unaware until a Silicon Valley security firm contacted them. The firm noticed that it had become a proxy to get to other vulnerable servers, some from very large companies. The security firm left the server in place but now closely monitors the traffic going in and out of it and can preemptively warn clients when they have been breached or are about to be compromised. Threat intelligence is really about being proactive, as opposed to reactive, and monitoring security issues or paying others to monitor them for you.
For education in this field, it is best to pursue the Certified Information Systems Security Professional designation. This training is available through self study, on-site or online training which prepares you for the mandatory tests. There is even a “CISSP For Dummies” book but I am not sure I would trust my network to someone who chose that route to learn the business.
In addition to the CISSP, there are specialized courses in threat intelligence to augment the CISSP training and certification. These courses take you beyond basic intrusion detection and teach you how to battle persistent threats and how to programmatically counter these threats.
There are jobs available in private industry for security firms that do threat intelligence and sell that information to clients. Many major corporations want to build in-house expertise in this area in order to fend off hackers and protect proprietary information. There are also government jobs available from agencies trying to get the upper hand on security threats. This expertise might have prevented the breach of the Democratic National Committee that I mentioned in last week’s blog.
Network and system security is becoming more critical as some of our most valuable assets are the data we store about customers, new products, proprietary processes, and partner agreements. It is essential for firms and agencies to do all they can to protect that data. That means now moving from a reactive approach to the proactive and systematic method offered by the new field of threat intelligence.
Kelly Brown is an IT professional and assistant professor of practice for the UO Applied Information Management Master’s Degree Program. He writes about IT and business topics that keep him up at night.