Skip to main content



You cannot go a day without a cyber incident followed up with a discussion about the shortage of InfoSec professionals needed. These incidents have a lasting impact and take years for organizations to recover and some close due to the magnitude of the event.  The brand reputation of an organization can last years, not to mention the financial loss. Target, Home Depot, OPM, and Equifax are prime examples of some of the more significant data breaches that come to anyone's minds when discussing cyber incidents.  


Many reports are indicating by 2021, there will be over 3 million vacancies in InfoSec globally, with over 500k in the US alone. Fortunately, there is a push to build up the InfoSec workforce; unfortunately, most of this effort is placed on K-12 students. There is a  large group of individuals that would be perfect for a career in InfoSec, public safety.  


Most public safety has 20-year retirements, allowing individuals to retire and start a second career. Twenty years in public safety create an individual that is well versed in crisis management, security, investigations, communication, and, most importantly the ability to learn new skills. These skills, combined with learning a more technical skillset, will be invaluable to organizations looking to fill vacancies in InfoSec. 


Foundationally physical security and cybersecurity are the same; the tools are different.  Nearly everyone in public safety has dealt with an event needing to be contained. Typically for a physical event (i.e., sporting events), you need a parameter around the incident comprised of a soft closure (limited public access) and a hard closure (restricted access) around an event containing that event. The restricted access is typically controlled by specific points in the hard closure allowing individuals to gain access to the event. After the individuals have been permitted access to the restricted area, they are continually monitored, ensuring they are not performing malicious actions inside the restricted area.  Even within the restricted areas, there are still parts that are off-limits unless an individual has the proper credentials.  In a cyber world, this event would involve firewalls, DMZs, IPS/IDS, SIEM, etc. 


Many larger organizations have Security Operations Centers (SOCs) as the first stop of a security incident. No matter the level of SOC analyst there is a level of investigation needed for any incident that may occur, no matter the size of the incident. Public safety individuals have been investigating incidents for at least 20 years and have developed the ability to report on the facts while identifying the root cause of an incident.


With a couple of certifications and a little retooling, public safety individuals would excel in nearly any InfoSec position. Public safety needs to consider developing the technical skills to enter into an InfoSec industry; at the same time, the industry needs to look at public safety as a viable source of InfoSec professionals. 


GingerSec can help prepare public-safety transition to a career in InfoSec. A public safety retiree is a perfect candidate to investigate cybercrimes.


Comments

Popular posts from this blog

Construction giant gains competitive edge with zero-trust approach to security

When The Walsh Group—one of the largest construction contractors in the United States—moved to the cloud, it realized it needed better ways to manage who accesses its systems. The company set up identity as the control plane—with Microsoft Azure Active Directory at the center and a zero-trust security stance to better protect access to all its resources. Now, The Walsh Group CIO says the company leads the industry in securing access to its hybrid environment, giving it a competitive advantage. Read the article for more. Read More...

A new generation of communication tools for a new generation of Alcoa workers

At the Alcoa plant in the distant coastal town of Fjardaal, Iceland, employees relied on a magnetic board to assign and trade shifts, while standard email was used to communicate critical information from one shift to the next--both of which required people to be physically present to retrieve messages or confirm changes in shift assignments. The adoption of Microsoft Teams transformed these otherwise manual tasks into a workflow better suited to a new generation of digitally savvy Alcoa employees who all carry smartphones. With Teams, company-wide announcements are now made with the confidence that everyone will see them via their devices, regardless of location, while operational information is quickly disseminated and passed along from one shift to the next to improve processes, safety, and efficiency. Watch the video to see how Teams is delivering the future of communication to a new generation of Alcoa plant personnel.