The cybersecurity training virus

The cybersecurity training virus

It is a sector that does not know the crisis. Cybersecurity is in full “boom” with the multiplication of cyberattacks that all companies and States are experiencing throughout the world. Multinationals, large companies, but also SMEs, 81% of companies were affected last year. The world of computer security thus recruits en masse and offers training courses that are becoming more and more numerous in order to respond to the crucial lack of well-trained candidates.

You will also be interested

Cybercrime, alas, is doing very well! This is a frightening 2019 result taken from the report of the Ministerial Delegation for Security Industries and the Fight against Cyber ​​Threats (DMISC): one in eight companies was the victim of a cyberattack last year. With the main cyberattacks, ransomware, phishing and the most common spear-phishing with 73% of cases, malware, brute force, SQL injection, defacement, DDoS, spoofing, which can bear the “sweet names” of WannaCry, Petrwrap, GoldenEye, Petya, SortaPetra, XHelper…

And the explosion of big data will not fix this cybercrime, quite the contrary! Globally, there are two million attacks in 2018 for a damage of more than 45 billion dollars. To deal with this cybercrime, States and companies are recruiting cybersecurity professionals en masse. In France, the cybersecurity sector employs 24,000 people (70% in Île-de-France), in digital, engineering, research, consulting and event companies, and 1,400 job creations are planned by 2020 in many sectors.

According to one wavestone study in 2018, France had 128 dedicated start-ups representing 1,100 jobs, for more than 100 million euros raised. An ecosystem is being set up but which is still very insufficient for the time being to deal with hackers who have found a financial golden bridge.

Professions that “run” after cybercrime

Cybercrime is therefore moving faster than cybersecurity and it appears that this situation will intensify in the coming years. Only 25% of positions are filled due to a lack of qualified candidates or professionals with cybersecurity training. Because it’s not because we are computer scientist that can be exercised in the field of cybercrime. You have to be both a very good computer scientist and a very good “e-investigator” like the “ethical hacker”, who perfectly masters all the flaws in computer security to counter malicious hackers.

Even today, therefore, many IT professionals do not have the necessary qualifications to practice in the complex world of cybersecurity, its specific skills and certifications. A deficiency due to the ignorance of these fairly new and very specialized professions and the careers offered, but also to the negative image too often conveyed of the “geek alone surrounded by screens”. However, the professions of cybersecurity are attractive, most positions are offered on a full-time permanent contract, with higher salaries than in other branches of IT. Indeed, a young graduate can be offered, upon hiring, an average monthly salary that varies between 2,500 and 3,000 € net.

Profiles sought for cybersecurity training

The real teaching in computer security, that is to say with specific titles, generally only exists in the third year of engineering studies or in Bac+5. Expert specialized in attacks, lawyer specialized in cybercriminalitydata encryption expert, cyber crisis management specialist, security architect, cryptologist, data protection officer, threat analyst, “organizational” security consultant, cybersecurity jobs are as numerous as they are varied.

But some of them are particularly sought after to ward off cyberattacks that most businesses experience. Because you not only need professionals who are able to counter an ongoing cyberattack, but also to avoid them by securing the networks:

  • The “ethical hacker”. He is the great hacking specialist and the most sought after profile. Its role is to officially infiltrate the computer systems of companies to detect flaws before the criminals take care of them.
  • Specialist in cyber crisis management. It manages attacks when they occur by trying to secure as much data as possible.
  • IT Security Architect. A computer engineer, he is the keystone for setting up the most secure computer system.
  • IT security manager. He is an expert in information protection. It defines and implements the security policy and an action plan in the event of an attack.
  • The lawyer-lawyer specialized in cybersecurity. Its role is to inform the company about the regulations in force and to support it in the event of a conflict. Lawyers defend them when they are victims of cyberattacks.

With basic training from bac+2 to bac+3

The qualifications required in IT security professions are of a high level after a bac+5 or an engineering school. However, there are opportunities at bac+2 or bac+3, accessible after training in cybersecurity, for certain professions such as auditing, security expertise, securing existing equipment.

DUT GEII or networks and telecommunications and BTS SIO or computer digital system and networks.

Note: since 2017, the military school of Saint-Cyr in Paris has opened a BTS Digital Systems, cyberdefense option.

Professional degree in computer systems security or cyberdefense, 38 professional licenses identified. Here are a few jumbled up: Computer networks, mobility and security of the IUT of Saint-Malo, administration and security of systems and networks of the IUT of Villetaneuse, Paris 13, Cyber ​​defense against intrusion of the systems of information from the Polytechnic University of Hauts-de-France, Operation and security of information systems and networks from IUT Lyon 1.

The top 5 of the best masters in cybersecurity training

The OPIIEC, the dynamic observatory of professions in the professional branch of engineering, digital technology, consulting studies for the event, has listed 150 computer security training courses, including 37 cybersecurity engineering titles. The website best-masters.com made a annual ranking of cybersecurity training both in schools and in universities and its 45 university masters.

  • 1er. Specialized Master in Cybersecurity, Centrale Supélec / IMT Atlantique, Cesson-Sévigné;
  • 2and. MS in Digital Cybersecurity, INSA Lyon;
  • 3and. MS Web technologies and cybersecurity, IMT Atlantique, Brest;
  • 4and. Specialized Expert Forensic and Cybersecurity Masters, University of Technology of Troyes-UTT;
  • 5and. Master’s degree in computer science Network engineering Mobile communications and security, Polytechnic University of Hauts-de-France.

Please note: at the start of the 2018 academic year, the University of Rennes 1 opened a Master’s in Cybersecurity for the Master School EIT Digital.

Other computer security training courses

To meet the exponential needs of cybersecurity professional profiles, training of all kinds is flourishing, born on the initiative of public structures, companies, training centers and organizations specializing in security. Here are a few :

Free courses and training, dedicated to computer security, are also offered in large numbers on the web. They do not deliver official and recognized diplomas but allow to be informed and to cultivate oneself on the subject. This is the case of the site welivesecurity which references a list of fifteen various free cybersecurity courses available in English and French. There are also MOOCs for training in computer security, such as that of theANSSI or those of the my-mooc.com web platform.

Cybersecurity, an issue for companies

Computer security has become a key issue to ensure the sustainability of companies.

Indeed, the number of attempted attacks on computer systems is constantly increasing and this is due to an increasingly connected communication environment which strongly influences the ecosystem of SMEs. Companies are opening up more and more to the world via technologies such as the cloud or hyper-mobility, which opens up loopholes through which hackers love to enter.

This digital upheaval inevitably leads to many types of threats: espionage, misappropriation, theft or destruction of information. Data leaks and other attacks can have serious consequences for a company’s reputation, image and even economic results.

To illustrate these words, it is interesting to know that in 2019 the USA estimated the damage from cyberattacks at 2.5 billion dollars.

Since the start of the pandemic, the ANSSI (National Agency for Information Systems Security) also points out that phishing attacks have increased fourfold.

Recently, it was the Hospitals of Paris which were the victims of a gigantic computer attack which made it possible to steal the personal data of 1.4 million individuals who underwent a Covid-19 test in Ile-de-France.

To reduce the risk of attacks, it is now mandatory for companies (private or public) to become aware of the importance of computer network security.

Many SMBs are starting to take action by empowering their IT departments to register for cybersecurity training, to build skills and prevent evils both internally and externally. There are also training courses eligible for the CPF which can allow you to improve your skills to improve your CV and take advantage of the increase in the search for profiles associated with network security.

The French government has announced a plan to fight against cybercrime of one billion euros to tackle the problem head-on.

Interested in what you just read?

fs4