12 Skills Every Security Administrator Needs for Success (and How to Learn Them)
Hackers are industrious people. Staying ahead of their thirst for sensitive data requires a diligent approach to managing cybersecurity for your organization. Yet, many companies lack the people and skillsets needed to carry out this critical task, leaving them vulnerable to attack. In fact, many high-profile breaches prove that weak security practices or even simple human error can leave a door open for those looking to profit from confidential corporate information.
The good news is you can build your security know-how over time with the right training, certifications, and resources. As a starting point, here are 12 skills to master so you can become your business’s best weapon against intrusion and data breaches—and the costly downtime and customer issues that can result from them. It’s important to note that these skills are relevant whether you’re responsible for IBM i or any other OS.
1. How to meet compliance requirements
Many companies are required to comply with mandates like PCI DSS, GDPR, SOX, HIPAA, NIST, and others. While the details vary for each law or guideline, in general how you protect your information, track file sharing, manage user access to sensitive data, and document activities are key capabilities. Understand exactly what’s expected of your organization and then educate yourself on the solutions available to help you to achieve compliance and maintain an audit trail.
2. How to authenticate users and lock down access control
Although your employees are key to your company’s success, they can also be a threat to the health of your IT infrastructure. Unfortunately, it’s not uncommon for employees to take advantage of weak security controls to gain unauthorized access to information they then use for illegal gain. Understand how multi-factor authentication (MFA) provides security benefits far beyond passwords. Because an MFA login requires an extra verification step, you have more confidence users are who they claim to be. Additionally, locking down which users can access sensitive data—often assigned by role—minimizes the chance of the wrong person looking into private files. This is accomplished through a rigorous approach to identity and access management, another important concept to beef up on.
3. How to administer virus protection
Although virus protection seems like an easy first stop on the road toward a secure infrastructure, many teams fail to implement it. Virus protection should be applied not only to user workstations, but also to servers. Understand why viruses aren’t just a “Windows problem” as many believe. Server-level virus protection prevents malware and viruses from infecting your system by running natively on your IBM i, AIX, and Linux machines. Educate yourself on malware and learn how to establish a strong layer of protection across your environment.
4. How to leverage automation
Automation is an excellent way to complete manual, time-consuming security tasks that otherwise take hours of precious time away from your IT team. Not only can automating tasks free employees to work on higher-value projects related to security, it can also reduce or even eliminate human error. Security policy enforcement is a good candidate for automation that lets you keep an eye on your security configuration.
5. How to maintain data integrity
Know how to implement practices that ensure critical data can only be viewed and altered by authorized employees in an approved method. Understand the difference between baseline and real-time monitoring techniques and what will work best for you to guard file integrity. This may include application files like server configuration and employee or financial data. Being able to monitor and report on noncompliance can highlight security issues while keeping your organization compliant with several of the above-mentioned regulations, notably PCI DSS.
6. How to implement data encryption
If hackers somehow manage to infiltrate your organization and obtain sensitive information, encryption makes your data unreadable for anyone without the proper “key” to unlock it. Learn how this additional layer of security can diminish the impact or scale of a breach. Then you can put the right protective measures in place to meet requirements for SOX and PCI DSS. Learn about encrypting data in transit and at rest, and what makes sense for your organization.
7. How to detect intrusions
As awful as it is to think about an intrusion happening, it becomes exponentially worse the longer it’s going on without anyone knowing about it. Protect business-critical data from winding up in the wrong hands by implementing ongoing monitoring for suspicious access attempts. Understand how to identify, block, and log unauthorized activity. This may include relying on a SIEM solution that helps you determine which activities are potential threats and which are just noise.
8. How to respond to security incidents
Your organization should have a crisis plan in place detailing the steps that should be taken company-wide regarding a breach. This would include how to communicate with employees, customers, partners, and other stakeholders. No one wants to imagine their organization getting breached, but advance planning is essential. Without a plan, you risk running afoul of regulatory requirements, botching your communication strategy, and raising questions with shareholders and investors. Having a plan minimizes the chance of overlooking important steps.
9. How to think like an attacker
Most security vulnerabilities won’t go looking for you—you have to find them. With a comprehensive , you can find security gaps that otherwise would have gone undiscovered. Put yourself in the mindset of a hacker motivated to steal or corrupt your organization’s most sensitive data, and consider all the ways an attacker could exploit your vulnerabilities. By anticipating an attack, you can take corrective action before a data breach occurs. Penetration testing is a great way to validate your vulnerabilities and prioritize security risks.
10. How to manage projects under pressure
This is a big one from a “soft skills” standpoint. IT pros are no strangers to having monumental workloads and insufficient resources, particularly when it comes to security. In addition to implementing technology solutions that help you keep your cybersecurity fortress strong on all fronts, you have to be able to manage your time well when the clock is ticking. This is exceptionally important if your monitoring capabilities pick up a potential threat or issue that needs immediate investigation and response.
11. How to communicate effectively
Knowing how to communicate orally and in writing with your peers, managers, and organizational leaders is essential for security professionals today. This is because you may be educating your co-workers on topics they aren’t familiar with and need to understand. You may also need to establish the business case for organizational changes or new technology that will dramatically improve your company’s ability to prevent or respond to security incidents. Those tasked with maintaining corporate security have to continually bang the drum about why having the right security protocols, monitoring, and intrusion prevention approach is the only way to secure sensitive information as well as your good standing in the market and among your customers.
12. How to stay on top of a fast-changing security landscape
Hackers—and opportunistic employees—keep finding new ways to access sensitive corporate information and sell it on the black market. Sometimes it may feel that staying one step ahead is an impossible feat. But it can be done. Make sure you keep an open mindset to learning about changes in the industry, including the latest threats and the solutions available to prevent, detect, and shut them down quickly.
Training Resources for Security Admins
You may already be familiar with industry training and learning opportunities, but here are a few organizations that offer certifications to help you enhance your skills. We’ve also included where to learn more about project management and communications.
(ISC)²: This international membership organization is comprised of security leaders. They are considered a beacon in the industry for their education and training programs, including the gold standard CISSP certification. (ISC)² also offers information for the general public through the Center for Cyber Safety and Education.
CIO.com: This online publication is a great resource in general for security professionals, but they have a great article on how communication serves IT teams. They also offer resources about project management.
CompTIA: This is a hub for advancing the technology industry and its professionals. They offer many great resources and industry stats, including certifications and training opportunities.
EC-Council: This group covers a variety of cybersecurity areas with their wide list of training opportunities and certifications.
GIAC Certifications: This organization offers certifications for cybersecurity as well as management, audit, and legal training.
IACRB: The Information Assurance Certification Review Board follows ISO/IEC 17024 standards and offers many certifications with a hands-on component.
IAPP: The International Association of Privacy Professionals is a global information privacy community and resource with a bevy of training and certifications for individuals and teams.
InfoSec Institute: This group offers more than 100 courses from some of the organizations listed here and others such as hardware and software vendors. Choose from various IT and security bootcamps as well as security awareness and anti-phishing content.
ISACA: This independent, nonprofit, global association engages in the development, adoption, and use of globally accepted, industry-leading knowledge and practices for information systems. They offer a variety of certifications.
The Project Management Institute: Becoming a certified Project Management Professional (PMP) could be valuable if you will be running high-profile security projects on an ongoing basis. Likewise, the American Management Association offers related coursework.
Check out the State of IBM i Security Study for the latest data on how IT pros around the world are securing their IBM i servers.