Why KC7 is important to me
Working as a threat intelligence analyst is a dream come true for me. I love my job and enjoy getting to investigate new attacks every day. But the barriers to entering this field nearly made me give up on my dreams of working in cybersecurity before I ever had the chance.
My path to cybersecurity was far from certain, involving a change of careers after working over 10 years in a different field. I went back to college in my 30s for cybersecurity but wasn’t sure exactly which career path I wanted to take. Finally, nearing the end of my senior year, a path emerged: an industry professional working as a Security Operations Analyst came to my college class and talked about what it was like to do blue team work, the skills needed, and suggested we should be practicing the theory and concepts we were learning in our classes.
It didn’t feel like the industry was set up to have a non-traditional student like me succeed
I was excited to know that this career path was out there and I was enthralled by what they described, but there was one big problem. It would be a huge time commitment to even get my practice environment created and I was already working full-time to support myself while taking a full course load. Now I would have to give up the last bit of free-time I had to act as a red teamer and conduct attacks in my practice environment, just to finally get the opportunity to practice skills in the area of most interest to me, see what those attacks looked like in the logs, and discover how I might surface them. It didn’t feel like the industry was set up to have a non-traditional student like me succeed.
This path involved painstaking months of effort and research to even get started, setting up 4 different physical devices as clients and servers on my own private domain-configured network in my apartment and then adding numerous other virtual devices. Fortunxrately for me, I had 10 years of IT experience already at this point so this wasn’t too daunting, but would have been a brick wall for most students. After months of headaches setting up the network, I then spent days trying out various free Security Information and Event Management (SIEM) tools and other monitoring solutions – most with abhorrent or completely lacking documentation on how to get them functioning – until I finally found what worked for me. Now the big question is, was all this effort even worth it?
The Interview: The big question KC7 will help students answer
I graduated from university with a degree in cybersecurity at the top of my class, and now with a college degree and 10 years of IT and networking experience, getting a job should be an easy task, right?
Hundreds of applications only led to a handful of interviews over the course of six months – almost every time, a candidate with more experience was chosen ahead of me. My academic experience was insufficient for the interviewers to justify giving me a shot. I was about to give up on my dream of working in cybersecurity, but a friend of a friend in the industry showed me a position they’d seen for an entry SOC analyst position. I looked at it, wasn’t sure I had enough experience based on their requirements, and closed it. A day later, I re-opened it and decided the worst they could do was say no.
I got lucky and got an interview. The job sounded perfect, I was nervous after so many instances of being told I didn’t have enough experience for even junior roles, but I gave it my all and was doing well answering the interviewers’ questions, but then came the big question that was my barrier each and every time: “Tell me about how you’ve worked at an organization with data to investigate attacks and understand what happened.” I told them I had no direct field experience, but was able to describe what I’d done with my practice lab to investigate attacks. I got lucky and for the first time they thought it was close enough that they would give me a shot. After hurdle after hurdle of not being able to get into the field, I got my chance!
It’s the age-old problem, you need a job to get experience, but have no experience so you can’t get the job
This story isn’t unique to me; it’s one anecdote about what many students and others now face trying to break into security and why there’s a shortage of cybersecurity professionals – it’s the age-old problem, you need a job to get experience, but have no experience so you can’t get the job. For a large number of students in my cybersecurity program, they have yet to land a job in the field. They learned the theories and concepts of security, but didn’t have access to resources that would enable them to apply the knowledge in a practical setting.
Why KC7 can fundamentally change the game and remove barriers to entry.
KC7 provides everyone access to a realistic lab setting – without the major hurdles I had to go through to set up my own, and provides a path to empower people to learn what it takes to work as a blue teamer and investigate realistic attacks in an organization’s environment. KC7 is created and informed by industry professionals and designed so that it guides users through hands-on cybersecurity skills, regardless of their experience, and then shows them how to apply what they’ve learned with a large data set and do the actual work a blue teamer. Now people can investigate attacks and when the big interview question comes, “do you have experience looking through data to surface and understand cybersecurity attacks?” they can answer, YES!
For too long now, both in trying to break into the cybersecurity field myself and now on the other side interviewing candidates for potential positions, I’ve seen up close and personally how the industry creates huge barriers to keep passionate people from different backgrounds from even getting a chance. The cybersecurity field is in dire need of more diversity, and KC7 is one of the most powerful tools to face this challenge. By removing barriers to access, KC7 allows people of different races, ages, socioeconomic statuses, genders, careers, stages of life, geo-locations, and so much more to have that chance they otherwise might not get. KC7 works to level a very uneven playing field, giving all people an equal footing to show that they too have what it takes. If you have a passion for learning and problem-solving, then cybersecurity can be a career for you too!
Justin Carroll is a threat intelligence analyst who has years of expertise studying endpoint-based threats. He cares about helping non-traditional and later in life college students transition into cyber security jobs, and believes that age should not be a barrier for entry.