Cyber Range Candidates share their Desires, Skills, & Support…
Understanding what motivates you…
Approximately 72 hours ago, the Cyber Range initiative shifted into next gear. Using Indeed & Form Assembly, I was able to obtain insight directly from job seekers. By referencing an externally hosted form, I was able to obtain basic information from individuals I have the initial interest of helping.
The initial form outlines the initiative and simply requests individuals who are interested in a grant-sponsored research assistant role to provide a quick contact email & a quick insight into their capabilities / desires.
The information I received was quite interesting. It reinforces a few hypothesis and I wanted to publish some of the data.
Interpreting Results
The form had 2 simple questions: 1) what do you bring to the table, known as current skills & 2) what do you want to learn, known as desires.
Out of the roughly 200 respondents who signed up to support the grant/project initiative, 67% of them indicated a desire to learn DevOps, Cloud Computing, and/or Cyber Security (Penetration Testing, Engineering, Vuln). The 3 domains this project targets makes up 67% of the respondents desires, the other domains are closely related to the Mission Statement of the Cyber Range. (Metrics Reference the Desired Skills Picture above)
When I review the skills individuals brought to the table, the 3 technical domains make up 30% of the Candidate pool actual skills. This 70% gap is what others call the “Cyber Shortage” / “Skills gap.”
Cyber Range initiatives across the industry aim to identify undeveloped talent, provide training & mentoring, then translate that knowledge into business value across enormous technical domains.
This simply requires an approach which fuels someone’s passion to succeed through adversity and failure over a lifetime. Then the technical learning becomes part of the individual “habits and rituals”.
Most are proprietary closed source for-profit, yet this open-source Cyber Range initiative is different.
A goal of the open-source project is to inspire a community of passionate technical contributors & learners. I believe we can highlighting growth opportunities, track personal development, and establishing risk-taking milestones to fuel failure/success evolution. That is what creates real business value.
Clearly there is a gap to close, so now the question is how?
Using a Training Matrix to maximize growth opportunities
In previous roles, I’ve leveraged skills / knowledge matrices to help document knowledge, identify strengths, and evolve fragmented departments into cost-saving globally resilient operations teams. This project aims to inspire the evolution of a skilled remote informally learning workforce so a similar skill assessment allows me focus on the individual’s desire across the program’s goals.
I decided to mesh the desired & current skill(s) inputs together to understand demand & identify potential training tracks.
Here’s what I see…
- Individuals who bring “DevOps” skills to the table have a strong desire to stay within DevOps and move into Penetration Testing. DevOps is the most imporant in-demand skill across a wide variety of technical domains.
- Penetration Testing, Cyber Security Engineering, and Vulnerability Replication are best grouped together yet make up just a small portion of overall responses. While one of the most technically challenging domains for this candidate base, Penetration Testing is the 2nd most in-demand set of skills.
- Individuals who bring “Sales, Marketing, Media” skills to the table are interested in 3 core areas: a)DevOps b) understanding & articulating business problems into engineering requirements [business analyst], & c) Sales, Marketing, & Media.
I believe these results suggest that the current Cyber Range applicants could benefit greatly from an informal learning initiative that provided real projected-related experience.
Now, let’s talk motivation…
You’ve read this far. Why stop now?
As an advocate for formal, informal, and hands-on learning — I’m one for embracing the process, the people, and the product — just like Marcus Lemonis says on “The Profit.”
I watch, listen, and replay YouTube, Twitter, & Instagram content often from my favorite motivational speakers, instrumental music tracks, and music playlists. It helps me recharge and focus.
As someone whose seen more failures than success in life. I’ve embraced spectacular failure and learned how to “transform bullshit into diamonds.”
To this day, I embrace the “Try Harder” & “Never Quit” mentality. I believe there are times when mental / physical training results in greatest performance peaks. I also understand the importance of rest/relaxation.
The point is — when you put our mind to it, you can establish a process, follow a ritual, & force new habits. In terms of a career, those habits are life-altering skills. My current goal is fuel a passion & to provide guidance to those who desire to put in hardwork to learn a new skill.
The difference between me and others — I’m here to challenge, not teach. That said, 90+ of applicants failed to submit the Alpha Sign-up Form nested in the Getting Started Guide of the GitHub project.
The subtle suggestion is obtain an AWS account, fill-out the sign-up form, clone the github project, and launch the Cyber Range. Don’t forget to destroy it!
About Cappetta…
I published the open-source AWS-based SecDevOps-Cuse/CyberRange project to github Feb 2019. I was blessed to have a project presentation / proposal acceptance at BSides London in June 2019. My employer, Tenable, sponsored my trip & helped secure a YouTube Recording of the Cyber Range Presentation.
My goal with the project is to clearly outlined on the github & reinforced on the Research Assistant Sign-Up form. TL;DR summary is this Open-Source project initiative will result in the submission of an NSF grant proposal to the Advancing Informal STEM Learning opportunity.
My goal is to give back to the community with an Open-Source Project and fuel the interest in the next generation of engineers and scientists.
Connect w/ Cappetta on LinkedIn
