Tackling 5 Taboo Topics in

Cybersecurity People Management

Presented by Dave Buster

& Ross Casanova

© Global Knowledge Training LLC. All rights reserved. Page 2

Your Panelists

Dave BusterSenior Cybersecurity Portfolio

Director

Ross CasanovaExpert - Cybersecurity Engineering - CSRA

Tackling 5 Taboo

Topics in

Cybersecurity People

Management

© Global Knowledge Training LLC. All rights reserved. Page 4

Taboo Question 1

Do Cybersecurity certifications create flight risk?

• How should organizations reward staff who achieve certification?

• Why would someone leave their company after achieving certification?

• Why should a manager pay for Cybersecurity certifications if it creates a flight risk?

Conclusion: Not offering certifications can present a greater

flight risk than offering them.

© Global Knowledge Training LLC. All rights reserved. Page 5

Taboo Question 2

Do Penetration Testing and Ethical Hacking courses teach the bad guys?

• Why should we teach people to hack systems? How does that benefit an organization?

• What is the difference between White Hat, Black Hat, and Gray Hat hackers?

• How do Black Hat hackers learn their methods?

• What is a bug bounty?

Conclusion: Penetration Testing is only useful when it is used to strengthen systems.

© Global Knowledge Training LLC. All rights reserved. Page 6

Taboo Question 3

Can an organization’s Cybersecurity policy be a competitive

differentiator?

• Can you use competitive differentiation as a business case for increased investment in cybersecurity?

• Does a strong cybersecurity posture make your organization a more desirable target?

• What should your cybersecurity marketing message include?

Conclusion: It’s best to say your organization meets or exceeds

industry best practices (then always exceed!).

© Global Knowledge Training LLC. All rights reserved. Page 7

Taboo Question 4

Can Cybersecurity certifications increase an individual’s earning potential?

• Can an individual always expect to achieve the average salary quoted in industry surveys?

• What other factors affect salary in cybersecurity besides certifications?

• What is the value of a certification?

Conclusion: A certification cannot guarantee a better paying job, but the lack of one can keep you from getting one.

© Global Knowledge Training LLC. All rights reserved. Page 8

Taboo Question 5

Should your organization hack back?

• What is “hacking back”?

• What are the legal issues?

• Do organizations “hack back”?

• Are legislative changes on the way?

Conclusion: Organizations may be able to “hack back” in the

future but under very restrictive engagement scenarios.

© Global Knowledge Training LLC. All rights reserved. Page 9

Take That Next Step

Cybersecurity Product CoursesCisco, IBM, F5, Dell and more

Cybersecurity Certification Courses(ISC)2, EC-Council, CompTIA, IAPP, Check

Point, Cisco and more

© Global Knowledge Training LLC. All rights reserved. Page 10

Learning More

www.globalknowledge.com

For additional on-demand and live webinars,

white papers, courses, special offers and

more, visit us at…