Managers: Walk the Security Talk

What kind of manager are you? Two kinds of manager seem to exist today: those with a technical background, and those without. But more often than not, managers don't have the technical background that they need to be successful.

What kind of manager are you? Two kinds of manager seem to exist today: those with a technical background, and those without. But more often than not, managers don't have the technical background that they need to be successful.

Those with technical skills are at a premium in today's cybersecurity community. But as much as we need more technical bodies, those with engineer and development skills, we also need current managers to make an effort to learn. At some point there has to be a career path that encourages managers to get the training they need, and one that fosters the technical development of an incoming employee.

When the path is created, it's also important it is blessed and used in some capacity by a multitude of federal agencies. Consistency can go a long way in ensuring our government is managed by those with the proper skills and knowledge. Until we find and develop that career path, I worry there are too many people talking about security instead of actually doing security.

So, how do we get there? I've started working on a project that will maybe answer that question. By researching the cybersecurity jobs currently on the market, I've been able to piece together the skills that are most in demand, and how much they're worth. I've also taken a close look at what some federal agencies have done already. Believe it or not most don't have career paths set up. However some do, and implement an exhaustive and demanding level system. A good example of this is in the Air Force, which stood up its net-war training at Hurlburt Field, an elite training of cyber warfare operatives.

Hopefully within this blog space we can take a more nuanced look at what the Air Force has done and espouse its successes to the jobs in demand, and the skills lacking in the upper echelons of security management. If we put these pieces together, I have no doubt the nation can train properly, and make sure all levels of employees have the knowledge and skills they'll need to make our computers more secure.

NEXT STORY: RIM Makes Nice