This post was originally published here by (ISC)² Management.
There’s no question cybersecurity professionals are busy people, but what takes up their time at work? According to recent (ISC)² research, the skills they most employ each day are network monitoring, security analysis and security administration, while forensics and penetration analysis rank at the bottom.
But if you ask those who are actively looking for a new job, the daily task that comes up most often is user awareness training. Some 38% of respondents who said they’d be starting a job search within six months revealed they conduct user training every day, while 31% do it two to three times a week and 15%, two to three times a month. Among those already actively pursuing a job, 56% said they conduct user training two to three times a week, 19% two to three times a month, and 6% daily.
Active job seekers spend more time on user awareness training than any other group, and this finding may hint at the reasons they are seeking new employment. Perhaps active job seekers are more interested in other areas of cybersecurity where they are more likely to employ specialized technical skills?
User awareness training, after all, doesn’t necessarily require highly technical skills, but rather a deep understanding of current threats and what users should do to avoid them, as well as how to explain these concepts to someone less familiar with the subject matter.
Keeping Up with Threats
The study’s findings about the skills cybersecurity workers use on a daily basis reflect current realities created by the cyber threat landscape. For instance, it makes sense that network monitoring (cited by 58% of respondents) is the most common daily task.
Organizations must keep a constant eye on their IT environments in order to spot threats and address them as quickly as possible. This also likely explains why security analysis and administration (both cited by 53% of respondents) ranked close to network monitoring. Both activities are essential to maintaining a strong security posture.
Daily skills that ranked lower on the list are more specialized. They include security project management (37%), incident response (32%), threat intelligence analysis (32%), malware research and analysis (29%), and auditing (24%). Ranking lowest on the daily list of activities were penetration testing (18%) and forensics (12%). Neither of these tasks would normally require ongoing attention, as opposed to, say, network monitoring.
Interestingly, 24% of all respondents cited user awareness training as a daily task, and 35% as both a two-to-three-times-a-week and two-to-three-times-a-month activity. So when looking at overall numbers, user training ranks nowhere near the top of skills applied daily.
Still, we should note user training ranks as a high priority for cybersecurity workers. When asked how important user training was when looking for an employer, 86% of overall respondents said it was either very (59%) or somewhat (27%) important.
So if elsewhere our study suggests cybersecurity workers aren’t particularly excited about doing user training every day, it would be a mistake to infer they view it as unimportant. But it may be that they would rather someone else do it, so they can focus on other security-related tasks. This is something employers should keep in mind when writing job descriptions to fill cybersecurity positions.