Next week is CyberScotland Week. That was all the excuse we needed to speak to two men in cyber, to ask about the sector; how they got into it, and how they might advise others – of any age – to get into the cyber field; and how the covid lockdowns have been for them, given that like so many others they have had to work remotely as physical head offices and ops centres have stayed closed.
Michael O’Neill is a 20-year-old third year student at Edinburgh Napier University. Alongside his degree, Michael works as a Cyber Security Apprentice at the tech firm Leidos UK four days a week. Jaskaran (Jaz) Singh, a 26-year old cyber defence analyst at Leidos UK, joined from BAE Systems just under a year ago; that is, during the pandemic, meaning his induction was online.
It was interesting to hear what brought them into cyber – an interest in tech – to inform the argument in cyber circles of how to fill cyber vacancies and to bring on the next generation of cyber talent. Indeed, hence CyberScotland Week, a festival of events (dozens, all virtual, in 2021) on cyber awareness and careers, besides pointing individuals and businesses towards how to protect themselves online.
As for how to enter cyber, Michael spoke of keeping in touch with cyber news; and there’s a plethora of online courses, whether for someone new to work, or the proverbial IT guy who’s had a 30-year career but for whatever reason is looking to specialise in IT security.
“There’s multiple ways, I think,” said Michael, “but for someone like me, if I was older, I like learning by watching someone and doing it; and a lot of courses do that.” “Off the back of that,” Jaz added, “there’s a lot of platforms,” such as Immersive Labs, that put you through penetration testing; you are presented with scenarios, or incidents, and have to work through them.
To leave the two for a minute, even for quite senior or long-serving police or military people entering the private security sector, it can be surprisingly hard to gain work experience of security work; thanks to such ‘labs’, getting a feel for the basics is not an issue in cyber. The nature of such things online is that it’s all data; you can be certificated, and add it to your CV. Jaz added that many tech conferences run online during covid, making them easily accessible. “You have various ways to learn,” Jaz agreed, “you have to choose your own little path.” Two conferences mentioned were Cyber UK; and the series BSides. It was through Cyber UK (hosted by the UK official National Cyber Security Centre. NCSC, in May 2021), for example, that Michael came across Immersive Labs.
More in the April 2021 print edition of Professional Security magazine.
About CyberScotland Week
On Thursday morning, February 25, you can hear from another apprentice, who is studying for a Cyber Security degree at Edinburgh Napier, while working as a Security Analyst at Quorum Cyber in Edinburgh.
The same morning, the UK official National Cyber Security Centre (NCSC) with joined by Morgan Stanley and the Royal Bank of Scotland are holding a webinar on ‘Developing young Scottish talent through CyberFirst’. Also that morning; a discussion on ‘closing the cyber skills gap’, with panellists from academia, government, and industry:
– Ian Lamb Eyre and Denise Doyle, Lecturers, City of Glasgow College;
– Laura McEwan, Cyber Skills Project Manager, Skills Development Scotland;
– Daniel Sellers, Cyber Resilience Learning and Skills coordinator, Scottish Government;
– Anna Chung, Threat Intelligence Analyst, Palo Alto Networks; and
– Greg Day, Chief Security Officer EMEA, Palo Alto Networks (Chair).
That afternoon, The Scotsman is running a ‘cyber nation‘ debate, including Jude McCorry, Chief Executive, Scottish Business Resilience Centre (SBRC); and Dr Natalie Coull, Head of Cyber Security Division, Abertay University in Dundee; after an opening address by Ivan McKee, the Scottish Government’s Minister for Innovation, Trade and Public Finance.
SBRC’s Cyber Community Awards are also announced on February 25.
Visit https://cyberscotlandweek.com/.
