Chapter 0
1. Why Are We Losing the Cybersecurity War?
Knowing is not enough, we must apply. Willing is not enough, we must do.
—Bruce Lee
Did you know you have to complete 1,500 hours of training to be certified to cut hair in the state of Arkansas? (I grew up from ages 12 to 18 in Clarksville, Arkansas, so I tend to use it as a point of reference.) That’s roughly 37.5 weeks of dedicated training before you’re let loose on the general public. If you want to cut hair in Arkansas, you’ve got to be passionate about it.
Cybersecurity experts on the other hand, the people who protect all your sensitive information (medical records, credit card information, Social Security number, etc.), can pass a test tomorrow and get hired the day after. No regulations mean no proper training is required. Score 70 percent or higher on a fifty-question cybersecurity quiz and you’ll receive your certification. You’re free to start work the same day, as many employers are eager to hire certified personnel.
Doesn’t this seem a bit backward?
Don’t get me wrong, I never want to get a bad haircut, but if something were to go awry, if my stylist were to accidentally give me a buzz cut or a mullet, that would be a lot easier to deal with than someone stealing my Social Security number or medical records. The fact that it’s significantly easier to get certified to protect my sensitive data than it is to cut my hair underlies the problems we’ve seen in recent years in cybersecurity. Let’s explore the causes.
Cybersecurity Certifications—Paper Tigers
Many people in cybersecurity think we are losing the cybersecurity war because of a lack of certified talent. They think we don’t have people smart enough to combat these cybercriminals and that we as an industry need to pay more to attract the top talent away from our competitors. They think that’s the only way we’re going to win. They believe people are the problem, because they believe there aren’t enough who are qualified. They’re referring to the quantity of qualified candidates.
It’s the quality of the candidates that’s the problem, though. The current certification process itself has led to a shortage of qualified talent. Unlike Arkansas’s beauty industry, many cybersecurity certifications are especially easy to earn. Being “certified” in cybersecurity has become something of a joke among industry leaders because anyone with an internet connection can search the web for the fifty-question, multiple-choice test and memorize the answers. Once they pass, they can quite easily get hired as an analyst or get a job protecting your data.
However, as soon as the job really gets intense, they prove they don’t have the skills needed to safeguard against cybercriminals. I can’t tell you how many times I have hired someone who looks really great on paper—has all the industry accreditations and certifications—but then looks like a deer in headlights when faced with a real problem. I call these types of cybersecurity professionals “paper tigers”—all growl and no teeth—and I try to avoid hiring them at all costs. The bar is da