Cyber Security Skills
For economies across the globe, finding skilled professionals in Cyber Security remains a formidable challenge. Professionals who are not only well versed with IT fundamentals but also have an aptitude for working in this demanding yet highly rewarding field. According to “the 2015 (ISC)2 Global Information Security Workforce Study, “ 1.5 million Cyber Security professionals will be needed globally by 2020.
In accordance with NSDC’s framework, DSCI, with Industry support, has developed the following:
- Career Map for Cyber Security sector
- Qualification Packs for 10 upcoming job roles
The Key Tracks that comprise of Cyber security are:
- Network Security: to protect networking components, connections, and contents from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure.
- Application Security: to protect various applications or the underlying system (vulnerabilities) from external threats or flaws in the design, development, deployment, upgrade, or maintenance.
- Data Protection and Privacy: to prevent unauthorized access to computers, databases and websites and protect data from corruption. It also includes protective digital privacy measures.
- Identity and Access Management: to enable the right individuals to access the right resources at the right times for the right reasons by authentication and authorisation of identities and acces.
- Cyber Assurance/GRC: to develop and administer processes for Governance, Risk and Compliance
- Digital Forensics: to collect analyse and report on digital data in a way that is legally admissible. It can be used in the detection and prevention of crime and in any dispute where evidence is stored digitally.
- Incident Management: to manage information security incidents and identify, analyze, and correct hazards to prevent a future re-occurrence
- BCP/DR: to develop and administer processes for creating systems of prevention and recovery to deal with potential threats to a company thus protecting the protecting an organization from the effects of significant negative events
- End Point Security: to protect the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats.
- Security Operations: to monitor, assess and defend enterprise information systems (web sites, applications, databases, data centers and servers, networks, desktops, etc.)
- Industrial Control Security: to secure control systems used in industrial production, including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other smaller control system configurations such as programmable logic controllers (PLC) often found in the industrial sectors and critical infrastructure