Good help can be hard to find, especially in the field of information security, which has suffered a shortage of qualified talent in the past few years. Companies are finding it harder to fill vacancies to manage and protect their networks from outside threats with experienced individuals.
It may be tempting to hire one of the few available cybersecurity experts who apply, but you need to be sure of their experience and qualifications.
Who You Need in a Cybersecurity Role
It’s important to carefully define what type of position you need filled. Small businesses may not always have the resources to staff a fully-equipped IT department to manage their network security, and need to rely on a handful or even just one expert to take on that responsibility.
According to Cyber Degrees, a cybersecurity position can undertake several responsibilities including:
- Determining the most effective ways to protect endpoints and the network from attacks.
- Responding to breaches and other emergencies.
- Assessing security risks by performing vulnerability tests, risk analysis and interviewing staff on security preparedness.
- Researching and preparing for new security threats.
- Provide reports to management.
- Compose cost estimates for necessary security expenses to management.
Depending on the makeup of the rest of your IT department, you may also require them to fulfill other IT-related duties. Standard education requirements for a cybersecurity specialist is usually a bachelor’s degree in computer science or related field. There are also several certifications to look out for or that you may want to require, one of the most popular being Certified Information Security Manager (CISM).
Some specific skills such a position should possess include knowledge and understanding of secure coding practices, firewall protocols, intrusion detection/prevention protocols, SQL and other security frameworks.
Just as important as their technical skills and knowledge, you need someone who understands the needs of a small business, said Andrew Rinaldi, partner with Launch Security.
“Ideally [you want] someone who has worked in or with other small businesses, not someone who is trying to bring midmarket or enterprise level cybersecurity thinking or solutions to a small business environment,” Rinaldi said.
Another quality to look for is someone who approaches cybersecurity as an ongoing posture and not a one-time project. Cybersecurity is something that needs to be consistently tended to and improved over time, he said.
A competent cybersecurity expert will take a layered approach to security, not just with technology, but on the interpersonal level with the rest of the company, Rinaldi said. Promoting ongoing education for employees on the subject is a great resource and indicator of a real expert.
Read more: https://www.businessnewsdaily.com/10875-hiring-cybersecurity-consultant.html