Hiring Cybersecurity Staff Outside the 'IT Box'How Cyber Employees of Diverse Backgrounds Benefit Organizations
In an age when attacks are being waged by hacktivists, nation-states and cybercriminals, understanding the mindset of the attacker has become just as critical, in many cases, as understanding the technology and code behind the malware and network intrusions that drive today's attacks. That's why organizations should consider hiring cybersecurity staff outside the typical "IT box," says Jen Miller-Osborn, a threat intelligence analyst at security firm Palo Alto Networks.
Miller-Osborn says mitigating risks associated with today's advanced attacks requires broad thinking and cultural understanding. One of the unforeseen advantages of the so-called "brain-drain" in cybersecurity is that organizations have had to rethink how they hire staff, forcing them to think outside the IT box and hire employees that don't fit the traditional computer science mold. This forced push toward non-traditional thinking has actually benefited cybersecurity, she says.
A non-traditional cyber expert herself, Miller-Osborn says mitigating risks associated with today's advanced attacks requires broad thinking and cultural understanding.
"I was actually in the military," she says in this interview with Information Security Media Group. "I was in the Air Force, and I was a Chinese - Mandarin - linguist. I had a kind of non-traditional start into the field, where I started more focusing on a specific region and a language."
But because of her interest in computers, Miller-Osborn volunteered for a computer job within the military and was able to make a career out of cybersecurity by applying her varying skills.
"Typically what you see are people who have...a computer science background or a more technical background, and I got into this coming from studying a language," she says. "But I've found that - and I've noticed now - some companies are looking to branch out and hire different people; so they're looking more for people that have that kind of different background, where it adds a skillset that brings value. They understand the politics of a region; they understand some of the international relations aspects; they understand the culture. And when you have people that have that sort of background ... you can get really a more rich understanding of why things are happening and even why some of the trends are occurring."
During this interview, Miller-Osborn also discusses:
- How companies have changed the ways they train IT security professionals;
- Why having more minorities, such as women and people of different ethnicities, benefits cybersecurity teams;
- How resources available to candidates interested in cybersecurity have greatly expanded in recent years, encouraging more diverse players to join the cyber job market.
For more than 10 years, Miller-Osborn has worked in cyberthreat intelligence and served as a subject matter expert to multiple U.S. federal agencies. She has influenced national cybersecurity policies and regularly briefs at all levels of government. Her focus is detecting, identifying and differentiating between cyber-espionage and cybercrime actors and groups. A veteran of the U.S. Air Force, she is fluent in Mandarin Chinese and holds several degrees and technical certifications.