Mapping training and certification to cybersecurity job roles
There’s good news and bad news: The good news is that the cybersecurity skills gap has narrowed by almost a million skilled workers, according to the 2020 Cybersecurity Workforce Study conducted by cybersecurity professional association(ISC)². The bad news is that a gap of slightly more than 3 million such professionals remains.
To fill the current shortage, it’s estimated that employment in the field now needs to grow by approximately 89 percent worldwide, and 41 percent in the U.S. specifically. Organizations with cybersecurity hiring needs must adopt a two-pronged approach to fill the ongoing gap.
First, they must make a concerted effort to nurture the cybersecurity professionals who are already in the fold — encourage them to expand their skillsets and continue growing beyond their current roles. Second, they must seek out nontraditional employees who can make the switch to a cybersecurity career. Both options require continuous learning and professional growth.
To further facilitate the career transition into cybersecurity and the closure of the skills gap, Fortinet has created education pathways through Fortinet’s NSE Training Institute, which empowers individuals to navigate their educational journey from training to career and helps organizations upskill employees to meet changing business needs.
Pathways that close the gap
Fortinet has developed tailored learning roadmaps, called education pathways, with common starting points that guide individuals toward their end-goal to various cybersecurity job roles. These pathways can guide the growth of security professionals whether they are recently graduated, in mid-career or switching from another profession into IT or cybersecurity.
For instance, if someone is currently knowledgeable on firewall security but wants to focus on cloud security, then it’s useful to know what other skills may be required for this new position. Likewise, if an organization needs to fill a certain position and wants to upskill one of its employees, it is helpful to know exactly what training is needed to help this employee fill that position.
Each of the education pathways Fortinet has designed helps to align training and certifications with cybersecurity job roles defined in the Cybersecurity Workforce Framework developed by National Initiative for Cybersecurity Education (NICE), a division of the National Institute of Standards and Technology (NIST). Each pathway outlines how courses can increase experience and seniority in specific work role areas, plan for a career advancement or help make the transition into cybersecurity.
Fortinet has defined four pathways for learners to follow into some of the most critical technology areas in the industry. Each pathway is organized to provide individuals with direction to learn the skills necessary for each area of interest: AI-driven security operations, security-driven networking, adaptive cloud security, and zero trust access.
AI-driven security operations — Fortinet uses artificial intelligence of varying types, in various locations, from the global threat intelligence in FortiGuard Labs to inline security controls deployed throughout the organization, as well as in centralized advanced threat detection and response in the SOC. Advanced analytics help an organization’s security solutions and teams keep pace with an accelerating threat landscape.
Security-driven networking — Network security refers to the technologies and policies used to defend any network, network traffic, and network-accessible assets from cyberattacks, unauthorized access, and data loss. It must protect both at the edge and inside the network, with a layered approach.
Fortinet NSE courses for this subject include how to use FortiGate features and how to implement, troubleshoot and centrally manage an enterprise security infrastructure composed of multiple FortiGate devices.
Adaptive cloud security — As cloud adoption accelerates, organizations are increasingly reliant on cloud-based services and infrastructures. Yet, organizations often end up with a heterogeneous set of technologies in use, with disparate security controls in various cloud environments. Fortinet’s Dynamic Cloud Security education pathway aligns with many NICE Cybersecurity Workforce work roles.
Zero trust access — Network administrators must adopt a zero trust approach to network access. Fortinet Network Access solutions offer the necessary device security to see and control all devices and users across the entire network. With proactive protection, organizations can ensure their networks are secure from the latest threats. This pathway teaches participants valuable skills in zero trust access, including how to leverage the capabilities of FortiNAC, using best practices for achieving visibility, control, and response.
Certifications for stronger security
Though progress is being made to close the cybersecurity skills gap, more than 3 million jobs still lie vacant. Organizations today have the opportunity to take their place at whittling down this number by doing two things: educating the staff they already have and recruiting those who would like to transition to the cybersecurity field.
Individuals in both of these groups require training. Fortinet’s NSE Training Institute is designed to provide them with skills that lead to valuable industry certifications.