Throwback Thursday to a presentation Winn did with our great partner Concise Courses. Here’s the summary of the presentation and the video – it’s under 20 minutes!
At no time in history has the United States had a greater need for cybersecurity experts to protect government networks, critical infrastructures and private sector enterprises from the global onslaught of organized cybercrime, nation states and terrorists. Winn is not known for his conventional wisdom, and many of his prior controversial commentaries have since become standard fare and dogma in the cyberwar and cybersecurity communities – but he does have a really good case about how HR departments in corporate America (and in government) are failing.
Winn believes that we need a complete top down rethink of how we choose security experts, how we manage them and how we view the skills sets needed to provide the best possible cyber defenses.
Winn says that Geeks do not (often) fit into the traditional mold that has been created by business and government – and he is absolutely right. In his presentation titled, “Solving the Cyber Security Hiring Crisis DHS and the Great Talent Search” Winn questions – “what is normal?” Point being that what is “normal” to an HR Professional is not normal to the security community.
Winn is absolutely right and this phenomenon must be a great frustration to many security professionals seeking employment – especially when their skills are highly advanced – and – in-demand!
Education is of course important, but is an MBA or a BA in Computer Science an absolute requirement? The answer should be no. Sure, being a CompTIA Security + professional, having the CISSP designation or being a Certified Ethical Hacker demonstrates that the individual understands required skills sets but how much are these people are actually just studying to pass the exam?
Certifications are great but they should not to used as a check box for HR – especially for those for those that have not taken the same tests.