Anyone looking to break into the cybersecurity industry should focus more on in-demand skills and less on the formal education and certification. This is according to a new research report from the SANS Institute, a Bethesda-based security research and training firm.
Polling more than 500 cybersecurity experts from 284 different companies, the company found that 85 percent believe knowledge of networking (how computers and other devices communicate with one another) is a “very important” skill.
The report states that the mastery of networking is a fundamental skill, acting as the foundation for all future training.
The results were echoed by cybersecurity expert Brian Krebs, author of the Krebs on Security blog.
“Trying to get a job in security without a deep understanding of how data packets work is a bit like trying to become a chemical engineer without first mastering the periodic table of elements,” claims Krebs.
Networking expertise aside, the SANS Institute report also claims Linux and Windows skills are in high demand, along with knowledge of common exploitation techniques, computer architectures and virtualization, and data and cryptography.
Programming, meanwhile, was considered essential by less than four in ten of the respondents.
“Employers report that student cybersecurity preparation is largely inadequate and are frustrated that they have to spend months searching before they find qualified entry-level employees if any can be found,” said Alan Paller, Director of Research at the SANS Institute.
“We hypothesized that the beginning of a pathway toward resolving those challenges and helping close the cybersecurity skills gap would be to isolate the capabilities that employers expected but did not find in cybersecurity graduates.”