Rob Carey of GDIT Talks About the Importance of Practical Experience in Cybersecurity

January 31st, 2018 | Posted by Alexa Magdalenski in CyberCapital - (Comments Off on Rob Carey of GDIT Talks About the Importance of Practical Experience in Cybersecurity)

CFO Awards17 Web Graphic

By Renee Brown Small, CEO, Cyber Human Capital, and Contributing Editor, CyberCapital.us Blog

“You don’t have the ability to make sound decisions until you’ve had some experience under your belt.” – Rob Carey, Vice President, Cybersecurity, Cloud and UC Solutions, General Dynamics Information Technology

Carey v2Some of the questions fresh graduates who want to enter into cybersecurity are: “Where should I start?” and “What’s the best experience I can get?” Rob Carey of General Dynamics Information Technology (GDIT) addresses these questions and gives further insight into what he, and those like him, look for in future cybersecurity professionals.

Rob Carey started in the United States Navy as an undersea weapons systems engineer before he was transferred to the Department Navy’s Chief Information Officer office, where one of his first jobs was to roll out smart cards. He became the CIO himself in 2006, held the post of principal deputy chief information officer from 2010 until his retirement in 2014, and at present is the vice president of Cybersecurity, Cloud and Unified Communications Solutions within the Global Solutions Division of GDIT. As such, he is presently concerned with a wide range of cybersecurity concerns.

Rob remarks that part of his present work involves cloud computing, particularly where cybersecurity affects those using cloud computing. As an example, Rob remarks that, while accessing a commercial cloud computing environment from a government location and then doing what one needs to get done in that environment may sound simple, but the reality is that it is not. In addition, Rob is presently setting up a lab designed to evaluate various cyber tools and determine how well these work in a given environment, allowing GDIT to propose solutions to the government, rather than merely riding on what is already commercially available.

When asked who are the best candidates for his team, Rob looks at a candidate’s experience level. His people are very much in touch with present technologies and know how security operation centers operate. Rob notes that the best person for the job isn’t necessarily the candidate with a Master’s degree in electrical engineering, but could be someone who has a particular approach to solving the problem at hand and who has some technical knowledge of cyber. A candidate having real-world experience is very important to him and his team, as it is those kinds of security professionals who understand how things work in the real world. He notes that he is looking for people who have had experience in security operations centers, as the actual hands-on experience gained from working there is necessary for designing systems, which is a part of what his department handles.

Along with running his department, Rob is presently doing his part in helping the next generation of cybersecurity professionals gain practical experience, as he is sponsoring half a dozen senior students at George Mason University, helping them out with a class project that involves creating a framework to work on a cybersecurity matrix and to evaluate cybersecurity.

At present, GDIT is looking to expand as it changes the way it engages its customers, both in the United States government and in the cyber industry, and Rob notes that being part of the growing team that he’s presently handling would be a great opportunity.


Renee Brown Small is the author of Magnetic Hiring: Your Company’s Secret Weapon to Attracting Top Cyber Security Talent and CEO of Cyber Human Capital, an HR consultancy that specializes in innovative ways companies hire and keep cybersecurity talent. Download a free copy of her book here. Brown Small is contributing editor of the CyberCapital.us blog.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Developing Cybersecurity Specialists for the Long Haul: Rhonda Dyer of SAIC

January 10th, 2018 | Posted by Alexa Magdalenski in CyberCapital - (Comments Off on Developing Cybersecurity Specialists for the Long Haul: Rhonda Dyer of SAIC)

CFO Awards17 Web Graphic

By Renee Brown Small, CEO, Cyber Human Capital, and Contributing Editor, CyberCapital.us Blog

“We certainly have the responsibility to bring talented, qualified, experienced personnel to our clients. We have a responsibility to our employees to grow them into that type of capability.” – Rhonda Dyer, ‎Vice President Strategy, Sales Support & Solutions, SAIC, on the need to develop cybersecurity experts

Dyer v1Cybercrime may be on the rise, but training the people necessary to combat it is rocky at present. Cybersecurity is still not a priority in most college curricula, and addressing the issue of providing would-be cybersecurity professionals the right kind of education is something that Rhonda Dyer is presently working on.

Rhonda got her break into cybersecurity around ten years ago, when she was offered an opportunity to support cyber and develop the business from a capture sales perspective. She is passionate about ensuring that all that she delivers to her clients is secure and that her clients know as much as they can about how to protect themselves and their machines from cyber attacks. Rhonda defines her job as one to ensure that her clients have a secure way to get their job done and also points out that security has to be top-of-mind at all times.

Rhonda is presently working at SAIC, and at the moment, the company is moving into three areas of cybersecurity. The first is in the realm of cyberspace operations, where SAIC works on supporting the entire cycle of planning, operations and targeting, and in this realm SAIC has won a contract with the U.S. Cyber Command. The second area is in defense technology, particularly in perimeter security, and this is an area that SAIC will be rolling out soon. The third area, that she is really passionate about, is in education. In this realm SAIC is providing opportunities for high school students to learn about cybersecurity. She also notes that, while only ten percent of the overall cyber workforce is female, the operations programs presently active in SAIC are run by women. She says, “I encourage everybody to make sure their children, especially their daughters, are engaged in STEM education and coding. Also, recognize that the cyber field is broad. You could be doing legal in cyber, policy in cyber. Even if you don’t have a technical bench and you don’t want to be a cyber engineer, there’s a role for you to play during these national assets.”

Rhonda shares that her clients are looking for people who could be up and working the day they start, which means experienced cybersecurity professionals. These cybersecurity professionals don’t necessarily have to know about all the different aspects of a company when they start out, as Rhonda remarks that SAIC can provide training to cover those aspects. That said, she notes that people who have a background in operations are in demand, and as SAIC is involved with the US military, it isn’t surprising that a sizeable number of their hires are veterans who have backgrounds in network handling or in physical security. Rhonda also notes that she also looks for people who have been cleared, security-wise, and who are certified and have been working in mission-critical environments.

Rhonda remarks that SAIC strives to be a career destination, and notes that those who choose to work for SAIC will be able to get training and keep their certifications up to date. She also notes that SAIC is striving for diversity in its talent, as different perspectives are critical in cybersecurity.


Renee Brown Small is the author of Magnetic Hiring: Your Company’s Secret Weapon to Attracting Top Cyber Security Talent and CEO of Cyber Human Capital, an HR consultancy that specializes in innovative ways companies hire and keep cybersecurity talent. Download a free copy of her book here. Brown Small is contributing editor of the CyberCapital.us blog.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Teaching the Next Generation of Cybersecurity Specialists: Scott White of GWU

January 10th, 2018 | Posted by Alexa Magdalenski in CyberCapital - (Comments Off on Teaching the Next Generation of Cybersecurity Specialists: Scott White of GWU)

CFO Awards17 Web Graphic

By Renee Brown Small, CEO, Cyber Human Capital, and Contributing Editor, CyberCapital.us Blog

“I think it’s a fascinating field. Jobs are plenty, they’re not going away. This is an industry that’s growing exponentially.” – Scott White, Associate Professor & Director of Cybersecurity, George Washington University, on the field of cybersecurity

Dr Scott J White v2While a lot of colleges aren’t properly creating cybersecurity specialists, the George Washington University is facing the concern head-on with a certification program in Computer Security and Information Assurance, with the possibility of applying this to a Master’s in Cybersecurity if a student decides to pursue a master’s. And Scott White is directly involved with this program.

Scott White began his career in cybersecurity in military intelligence, after which he got a doctoral degree in clinical criminology, where he worked in the fields of behavioral analysis and profiling. After working for a government intelligence security service, he then entered academia, where he taught about criminology, psychology and behavior. He then entered the cybersecurity industry around seven years ago, and while none of his degrees were technical in nature his skill set places him in the right position to analyze human factors and adversarial aspects of computing.

Scott notes that the cyber industry is so wide-ranging that any discipline applicable to the non-cyber world has some bearing with the work conducted within the cyber industry. For those who are seeking a change of career and entering the cyber industry, Scott recommends taking a master’s program in either computer science or cybersecurity at a reputable institution. He also notes that learning about the software isn’t enough, given the speed at which change takes place within the industry, which means that such aspects as analysis, critical thinking and critical reasoning are more important.

Scott remarks that skill sets are more important than actual titles and degrees where cyber work is concerned and gives the example of an auditor taking up cyber auditing, as the skill sets used in both types of auditing are similar. Scott expounds on this by noting that that someone interested in cybersecurity may need to deconstruct their existing skill set to see how applicable their existing skills already are for cybersecurity. One example is of fine arts majors going into security, “One of the things I’m constantly surprised by is when I meet people in cyber security, the range of disciplines they have. I’ve met people who were in fine arts, in dance, and you say to yourself how does a fine arts major who studied dance, how is that relevant to cybersecurity? Well when you really think of how a dancer moves, how they train. The almost arithmetic quality to dance, you can understand how that thinking can apply to the cybersecurity world when we’re looking at adversaries, how they think and construct their particular attack scenario.”

Where George Washington University’s academic curriculum is concerned, Scott notes that he looked at three different forms of accreditation – National Security Agency, the industry standard CISSP and the national initiative for cybersecurity education – and made sure that the underlying pillars from all three are represented in the curriculum to make it easier for their students to receive accreditation. The classes themselves are a balance of theory and critical thinking, and laboratory and live experimentation.

When asked about people looking to transfer from another profession, Scott says this, “I think the greatest thing I would want to convey is that, look at your skills set that you possess today. See what you do in your workplace, and then take the time to find out how your skill set is applicable to this industry. Because I think a lot of people, a lot of the people will ask themselves how their job title fits. And with that job title, they will not see how that is connected to our industry. And the fact of the matter is it very well may be. So take some time, deconstruct what you do and the skills that you have. Speak to [a recruiter, career coach or someone in HR]…and see how that skill set is applicable in this industry.”


Renee Brown Small is the author of Magnetic Hiring: Your Company’s Secret Weapon to Attracting Top Cyber Security Talent and CEO of Cyber Human Capital, an HR consultancy that specializes in innovative ways companies hire and keep cybersecurity talent. Download a free copy of her book here. Brown Small is contributing editor of the CyberCapital.us blog.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Seeing Cybersecurity Threats Before Everyone Else Does: David McGill of ICF

January 10th, 2018 | Posted by Alexa Magdalenski in CyberCapital - (Comments Off on Seeing Cybersecurity Threats Before Everyone Else Does: David McGill of ICF)

CFO Awards17 Web Graphic

By Renee Brown Small, CEO, Cyber Human Capital, and Contributing Editor, CyberCapital.us Blog

“They are self-directed and can self-manage themselves. They are adaptable, they have the ability to learn and to change because it is a dynamic environment. They are passionate about security – one indication is a home lab.” – David McGill, Vice President, Strategy & Business Development, ICF, on the kind of people who will succeed in cybersecurity

McGill_David v2A recent article noted that, in the first quarter of 2017 alone, an average of 858 malware specimens were created, and David McGill is one of those on the front lines of dealing with such cybersecurity threats. He has a particularly advanced view of these, as his work with the Department of Defense enables him to see threats days or weeks before these become known in the commercial world.

David got involved in cybersecurity full-time in 2011, and at present, he is focusing on cybersecurity vulnerability in operational technology and industrial control systems, and he is also involved with a team that works on other aspects of cybersecurity. One of the things the team is presently working on is creating a synthetic network where malicious code can be inserted, to better train cyber operators to recognize these and thus become more effective. His team is also looking into virtual reality as well as working with the Army Research Laboratory, and still others are working with corporations to help with these companies’ cyber hygiene, which is all about the processes, procedures, policies, guidance, governance and risk management.

David also remarks that one of the newest groups of ICF now works with clients on enterprise resilience, which means identifying the threats to the enterprise’s mission, after which plans are created to address and respond to such threats. He shared that a client company uses gaming technology to investigate complex decision making or create very interesting exercises where the end result is open-ended, rather than predetermined. David also adds that, no matter how much one prepares, the possibility always exists that an organization will be hit with a threat in a way that wasn’t foreseen, which is why the use of gaming technology is appealing.

Granted, technical know-how and, if necessary, clearances are needed to become a cybersecurity professional, but it’s not just these which are needed. David shares that, where a cybersecurity professional is concerned, people who are flexible, self-aware, self-directed, who love to learn and who can manage themselves are what are needed, as the environment is very dynamic. He cites the example of having to deal with an emergency one day and then becoming a help desk analyst the next, and noted that emotional intelligence is also a necessity, since the professional will need to deal with different kinds of people. He also notes that passion is very important, given the environment, and that one indication of this is if an applicant runs a lab from his own home.

David is always on the lookout for good people. He asks for referrals from his team members and from within the company itself for potential cybersecurity experts he could hire.


Renee Brown Small is the author of Magnetic Hiring: Your Company’s Secret Weapon to Attracting Top Cyber Security Talent and CEO of Cyber Human Capital, an HR consultancy that specializes in innovative ways companies hire and keep cybersecurity talent. Download a free copy of her book here. Brown Small is contributing editor of the CyberCapital.us blog.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

NVTC and Monster Government Solutions Launch New CyberCapital Site

July 10th, 2017 | Posted by Alexa Magdalenski in CyberCapital | Research - (Comments Off on NVTC and Monster Government Solutions Launch New CyberCapital Site)

Cyber Capital Screenshot 3The Greater Washington region, including Washington, D.C., Virginia and Maryland, is the nation’s cybersecurity capital, with a unique set of cybersecurity assets and opportunities that no other region in the world can match. To highlight and position the region’s stance as a cybersecurity leader, Northern Virginia Technology Council (NVTC) has partnered with Monster Government Solutions to create the www.CyberCapital.us microsite which reflects the region’s unmatched cybersecurity capabilities in talent, funding and regional resources.

Workforce                 

Greater Washington has the highest geographical density of cybersecurity workers in the country, with 84,000 currently employed cybersecurity workers across the region. Despite that, we still have over 46,000 cybersecurity openings left to fill. This further supports the NVTC member survey responses indicating that over half experience difficulty staffing cybersecurity openings.

CyberCapital Web Graphic v062317Funding

In 2016, companies with cybersecurity offerings raised $216 million in venture capital funding across Greater Washington. The region has a thriving cybersecurity incubator and investor community highlighted by organizations like In-Q-Tel, MACH37 and Carlyle Group.

Resources

In addition to being the seat of federal government and the source of national cybersecurity policymaking, our region has unparalleled cybersecurity resources including the U.S. Cyber Command in Ft. Meade, DARPA and strong research infrastructure through top universities in all three jurisdictions.

Regional Branding

Our hope is that this site will help build awareness of Greater Washington as the nation’s leading cybersecurity hub, with an experienced, educated workforce and opportunities for both cybersecurity practitioners and businesses looking to tap into our deep pool of talent and resources.

NVTC is working on behalf of the Greater Washington technology community to accelerate and promote cybersecurity growth. In November 2016, we hosted our inaugural Capital Cybersecurity Summit and will be hosting the second annual Capital Cyber Summit on November 14 and 15, 2017.

We’ve also launched a Tech Talent Initiative to address the workforce challenges of NVTC members and the Greater Washington technology community in crucial areas like cybersecurity, data analytics and software development.

NVTC is delighted to be partnering with Monster Government Solutions on this new resource to promote Greater Washington’s dynamic cybersecurity ecosystem. Visit www.cybercapital.us for the latest cybersecurity statistics, as well as links to regional resources and cybersecurity job openings.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS