Cyber Security Industry

Question 1

What are the three qualities a cybersecurity professional should have?

Answer 1

1. Technical expertise (e.g. cryptography, network defence)
2. Managerial expertise (e.g. planning, policy development, regulatory compliance, etc)
3. Soft skills + adaptability (e.g. teamwork, communication, resource allocation, conflict management, etc)

Question 2

What are the seven knowledge areas of cybersecurity?

Answer 2

1. Public policy - policy, laws, regulations, etc
2. Research - Academia, investigating vulnerabilities and solutions
3. Software development - Secure coding practices
4. Management - Overseeing security operations and incidents
5. Procurement - Selecting secure IT systems and personnel
6. IT Security Operations - implementing security measures
7. Enterprise Architecture - Managing systems and infrastructure

Question 3

What is the NICE workforce framework and how does it relate to the seven application areas of cybersecurity?

Answer 3

The NICE workforce framework is a set of structured job roles to help define cybersecurity positions.

Knowledge areas is cybersecurity conceptualised across different domains, NICE is how the cybersecurity knowledge/expertise translates into real-world jobs.

Its an abstraction that bridges theoretical knowledge with career structures.

Question 4

Explain the need for universal security regulations

Answer 4

Industry specific regulations solve individual problems but introduce inconsistency and no baseline protection across industries.
Universial regulations aim to fix this(e.g. EU’s NIS) to standardize regulations and reporting incidents to provide a baseline of protection. if an industry needs more, then they would simply build upon it.