Tag Archives: Cloud Security

Mind The Skill Gap: How To Expand Talent In Cybersecurity

Posted on by

The modern cybersecurity industry has been the subject of much attention in recent years as threats to businesses large and small continue to mount. Even outside of the industry, business experts have correctly concluded that more measures are necessary to counteract aging infrastructure and an increase in possible attack surfaces. The interest exists, but what doesn’t exist is enough personnel to fill the myriad jobs in cybersecurity. And this problem is only expected to get worse as time goes on, with the number of new professionals eclipsed by how much their talents are needed.

The discrepancy in cybersecurity is often blamed on the failure of universities to provide the courses necessary to train the next generation of experts. While this is a noted problem, it is only one of many. The same cybersecurity professionals who scoff at formalized education in the field are often unwilling to invest the resources into training others within their organization, instead preferring to solicit existing talent from other businesses. Though there is significant work involved when it comes to building a reliable team, the reward of cultivating new talent is preferable to poaching the old and widening the skill gap further. It’s a sacrifice, but one that must be made if the industry is to be sustainable moving forward.

The other advantage of in-house training is the integration of cybersecurity practices throughout all of a business’s processes. Too often, organizations view these tools as afterthoughts to be stapled at the end of every project. The reality here is that new systems, products, and infrastructure should be created with cybersecurity in mind. Training and apprenticeship programs provide enough personnel to adequately address anything new coming through the pipeline. This carries the added benefit of allowing new entrants in the industry to receive a hands-on experience with a variety of systems.

And, if a company doesn’t have any place to start when it comes to building in-house cybersecurity firms, a third-party organization can help. These companies can provide support for companies that don’t have the resources to train new experts and build the start of a good security culture. However, even dedicated cybersecurity organizations should be mindful of their practices when it comes to recruiting vs. fostering talent.

It’s also important to consider the kind of training that is being given to aspiring cybersecurity experts. The best way to handle cybersecurity is to start with the broad strokes—the compliance laws that it is absolutely vital that any professional knows. In many cybersecurity courses, emphasis is placed on the products that businesses can use to combat threats. This leads to experts with very specialized knowledge of a specific solution, rather than knowing many brand-agnostic solutions or the compliance standards that underpin the whole industry. Consultants should be neutral when it comes to recommending solutions and find whatever suits an organization’s needs.

The future of cybersecurity will need to be collaborative. Between academic organizations selling their programs to business organizations offering opportunities for interested professionals to learn, a lot needs to change about how new talent is cultivated. In the future, expect to see a new generation of experts that know compliance law inside and out—and that are focused on spreading their best practices to others.

 

 

Master the Cloud With These 5 Books

Posted on by

Are you the type of professional that is always learning and adapting? Then you have that in common with cloud computing, which is growing every year and becoming more relevant in every aspect of life. If you work with the cloud or are starting to learn, there are plenty of resources to help you out.

In this age of the Internet, there’s no reason not to choose a book that fits your time. Though many sources online are available to help you along, it can be difficult to sift through everything. Here are a few of the best books on cloud computing.

Cloud Computing: From Beginning to End by Ray Rafaels

They say that any expert should be able to write in a way that anyone can understand, and that’s what Rafaels has done in this book. From Beginning to End covers migrating to the cloud along with ways to leverage it in business. As Rafeaels is mercifully easy to understand, this book is suitable for all levels of experience with cloud technology.

Cloud Computing: Concepts, Technology & Architecture by Thomas Erl, Ricardo Puttini, and Zaigham Mahmood

While it can be a difficult book to read straight through, Concepts, Technology & Architecture is a great supplementary reference for anyone learning the cloud. If you want to understand the underlying concepts behind cloud computing, this is the book for you. Erl, Puttini, and Mahmood have taken the time to unpack real life examples for the benefit of the reader, giving practical insight into how to properly use the cloud in daily business practices.

Cloudonomics: The Business Value of Cloud Computing by Joe Weinman

While other works focus on the technical aspects of the cloud, Cloudonomics is a study in the ways that it has impacted business. This is good reading for company leaders that won’t be heavily invested in the cloud, but should have enough of an understanding of its capabilities to know the best ways to use it successfully. Using case studies and statistics about things such as ROI and costs, Weinman paints a picture of the state of adoption and posits how it might move forward.

Architecting the Cloud: Design Decisions for Cloud Computing Service Models by Michael Kavis

Practical and informative, Kavis lays out the myriad of cloud service offerings available in Architecting the Cloud. This is a great book for IT professionals with a smattering of knowledge that are now working on transitioning their infrastructure to the cloud. Even beyond the cloud, much of the advice offered in this book is applicable for IT best practices in general. It’s not overly technical, so you may need to look elsewhere for some of the minutiae, but there are plenty that will find the information here valuable.

Amazon Web Services For Dummies by Bernard Golden

AWS is one of the most popular cloud computing platforms on the market, so it’s no surprise that it’s worth investigating further. Golden does just this, providing advice for implementing AWS effectively. Go into the API that you’ll be using with AWS and learn the functions important to running your business. This book can be used in conjunction with some of the free information that Amazon publishes on AWS for further value and to learn more.

How to Teach Employees Cloud Security

Posted on by

Businesses have worked hard in recent years to bring their IT infrastructure in line with cloud best practices, but security is still an ever-present issue. It can be hard to regulate all of the data shared over the cloud, and information is always being updated. It seems, in many ways, like a zero-sum game—but given the amount of sensitive data freely shared over the cloud, it is still valuable to ensure that employees at your company are informed of the ways that they can practice good cloud security.

Training has multiple benefits; not only can it prevent sensitive data from leaking, but instructing employees on the finer points of VPNs and WiFi as well can dispel myths about the technology and ward against future mishaps. If you are a cloud professional, consider collaborating to set up a training program with other relevant IT staff. If your office lacks a reliable source of knowledge and you use an external provider for cloud services, inquire about the viability of a training program and work with them to reach a suitable arrangement.

The first thing to understand about cloud security is that it involves everyone in the office, not just IT staff. Pay special attention to anyone handling sensitive information; they may need extra instruction in this area. It may seem difficult to educate non-IT staff on the intricacies of the cloud, but in reality, there’s a lot that they can do to improve security on an individual level. Teach them how to avoid malware and unauthorized applications, and give them the resources to create strong passwords.

When training, it is of the utmost importance to impart onto employees that action is taken immediately. Companies cannot afford to take a reactive stance when it comes to cybersecurity, as a data breach can cost dearly in capital, time, and reputation. Often, once data is gone, there is no retrieving it. For businesses pursuing training, they should incentivize it and discuss the benefits that it brings. While it may take time out of their normal work schedules, a better understanding of cloud sharing can improve efficiency in the long run.

It is also important, when planning a training program, to ease employees into cloud usage with practical applications. Use a simple site or API to highlight how the cloud can be used to make it more efficient, and how it can safely be used. Keep in mind that employees will have different learning styles, and strive to offer supplemental guides and videos to allow them to fill gaps in their knowledge.

To go along with training, companies should take the time to reevaluate their cloud permissions, and which employees make use of it. Cloud protocol should be integrated into a company’s policies; don’t just make it a suggestion by way of training, but identify areas that can unwittingly be breached from within and work to fix them and mitigate the risk.

It can be difficult to get staff to comply with these changes. After all, for the average employee, much of it will seem sudden and difficult to understand. Understand and listen to your staff’s concerns about learning this new technology and empathize with them; if something in a training program isn’t working, you should consider working with them to fix the problem. Get them to apply what they’ve learned to practical office problems, and demonstrate their knowledge. Many compliance laws will require demonstration that employees have learned the material, so be cognizant about the steps you will need to take to fully comply.

In addition, it will be necessary to update training every year or so. It may sound like drudgery, but with security concerns changing by the day, your staff will need to stay up to date on the best ways to keep data secure. For IT staff, this obligation may be even more extensive, requiring consistent research into recent attacks and best practices for security.

With cloud migration continuing unabated, it is valuable for any company to educate their employees on its proper use. It affects all aspects of business, which could potentially be problematic for individuals not trained in using it in a secure manner. The sooner businesses embrace cloud education for their employees, the sooner they can adopt new changes and continue to leverage the cloud and its myriad of benefits.

The Top 5 Cloud Skills You Should Acquire in 2016

Posted on by

 

The Top 5 Cloud Skills You Should Acquire in 2016 by Scott Maurice

LinkedIn recently cited Cloud and Distributed Computing as the number one skill that can get you hired in 2016.

LinkedIn members with skills like Hadoop, HBase, and Hive listed on their profiles increased dramatically from 2014 to 2015, making it jump from not even being rated (due to a low number of members adding these items to their profiles) to the #1 spot in 2015, and the best skill to get you hired in 2016.

As cloud computing has become a technological cornerstone for businesses across the globe, employer demand for cloud professionals has exploded. In 2015 alone, there were an estimated 18 million cloud computing jobs globally, according to WANTED Analytics.

Of those 18 million, 3.9 million of those jobs are in the U.S., with 384,478 in IT alone. And according to WANTED Analytics, the median salary for IT professionals with cloud computing experience is $90,950, and the median salary for positions that pay over $100,000 a year is $116,950.

Basically, it’s a great time to be working in cloud solutions, so let’s breakdown this flourishing industry into five popular skills required of the modern cloud professional.

Migration

It takes longer for some companies than others to get up to date with the latest tech standards. Millions of businesses are still in the process of planning and executing the migration their on-premise infrastructure. This means there is still a significant demand for professionals with the skills to facilitate the process.

If you’re put in charge of overseeing this migration, you will need a sound knowledge of the different cloud deployment models available to businesses. You’ll also need to understand the existing infrastructure of the organization you’re working with and the knowledge of how to map applications and workloads running on existing servers and relocate them to their cloud equivalent.

Looking for a course you can take to learn the ins and outs? Try Microsoft’s Private Cloud certificationSpecialist certification in Implementing Microsoft Azure Infrastructure Solutions, and MCSA: Windows Server 2012 course (which can be deployed across both public and private cloud offerings.)

Security

According to RightScale’s 2016 State of the Cloud Report, security is a top concern for companies using cloud-based platforms.

The top challenge cited for companies was is lack of resources/expertise (i.e. there’s a high-demand for skilled workers!) which remains a consistent concern across the levels of experience these companies have working in the cloud—experience was divided into 3 subcategories: Cloud Beginners, Cloud Explorers, and Cloud Focused. The second most important challenge (especially to Cloud Beginners): Security.

Security was ranked as the #2 challenge by Cloud Beginners (35 percent), the #4 challenge by Cloud Explorers (28 percent), and the #5 challenge by Cloud Focused users. While security concerns decrease as a challenge as users gain cloud experience, it is still a crucial concern for companies across the board.

To develop your cloud security skills, then (ISC)2’s Certified Cloud Security Professional (CCSP) certification is for you.

Database Querying Languages + Platforms

The amount of data that we create today is almost incomprehensible. Each day, in fact, we create 2.5 quintillion bytes of data, but this explosion of data is a very recent one. In fact, 90% of the data in the world today has been created in just the last two years. But all that data is meaningless unless it can be analyzed and accurate conclusions can be drawn from it.

Companies need employees with the skills to thoughtfully and meaningfully draw insights into their customers, the market, and their products as well as the ability to store and manage this data. This is where learning a database querying language and an associated database platform come in.

SQL is by far the most important language to learn, and there are courses all over the web that offer lessons in this. Start out with Codecademy, and from there you can see if you need to supplement other courses.

Popular database platforms include Microsoft SQL Server, Oracle Database, and open-source platforms like MySQL, Hadoop and MongoDB. Oracle has their own certification courses, as does Microsoft. MongoDB provides their own MongoDB University and Oracle provides MySQL training. Cloudera can help you learn Apache Hadoop.

Linux

More than 25% of servers powering Azure are Linux based, which means there’s a very high demand for cloud professionals with Linux expertise in the market right now. Microsoft has been increasingly working in the open-source market, which means the demand is only set to grow.

Learn how to design, architect, build administer, and maintain Linux servers with the Linux Foundation Certified Systems Administrator course. Microsoft also offers a MCSA: Linux on Azure course that will help you develop the skills to create cloud-enabled Linux solutions that take advantage of the full potential of the Azure platform.

Programming languages

Everyone knows that developers are always in hot demand, and working in the cloud has only allowed developers to build, deploy, and manage applications more efficiently. Companies need talented developers to manage these efforts. Languages like Python, Perl and Ruby have become more popular in recent years, but traditional languages like .NET, Java, and PHP continue to have high demand.

Again, Codecademy is a great resource for learning many of these languages, and their courses are free.

Conclusion

As the world moves more and more into the cloud, the need for cloud professionals is only set to grow. No matter if you’re looking to make a career change, shift, or simply increase your value as an employee for a potential raise or promotion, learning these skills will make you invaluable to your employee and the team you’re working in. Don’t miss out on this essential technology shift that’s taking place all over the world.