THE FULL STORY
One Company Helping Many
For the average business, IT security is an intimidating and time-consuming space with vast margin for error and dire ramifications if protocol isn’t followed. The global average cost of a data breach sits at $3.9 million and requires an average of 279 days to identify and contain1. In reality, many businesses struggle to grasp, let alone manage, the nature of the threats facing them, and often turn to a third party for cybersecurity expertise. For a company that prides itself on the ability to keep other businesses safe in the digital space, world-class cybersecurity is a non-negotiable way of life and getting it wrong isn’t an option. Secureworks is one such company, based in Bucharest, Romania, whose stated mission is to protect organisations in a digitally connected world using sophisticated threat detection software and drawing from over twenty years of expertise in security consulting. One of the biggest challenges they face is how to ensure that they maintain consistent quality and service for their clients. This has been of particular importance as they grew their presence from 40 to 700 employees in just four years. With that kind of rapid growth and a diverse workforce, it was essential that they find a common IT language for existing and new employees alike.
Finding a Cybersecurity Playbook
In order to build a diversely talented and well-rounded team in a relatively small market, Secureworks has historically employed people with a wide variety of IT backgrounds. Sometimes that has meant recruiting from outside of traditional cybersecurity roles and from diverse industries. Naturally that means new hires don’t always come equipped with a fully stocked cybersecurity vocabulary. Someone from another industry who is highly experienced in dealing with clients, for example, might require some work to reach the baseline for cybersecurity knowledge before being fully prepared to handle the job requirements. On-the-job training is increasingly a part of the employment landscape, particularly in the IT realm where threats evolve daily and “expertise” is a moving target. In the case of Secureworks, CompTIA Security+ certification tool offered a viable solution to their problem of building and maintaining a fresh and consistent cybersecurity knowledge base that teams could use to provide top-notch service to their clients. With its performance-based and real-world scenario questions, learning happens seamlessly in Security+, and assessment feels natural. Secureworks chose CompTIA from a variety of providers because of the consistent curricula within Security+, which covers a wide array of concepts in one convenient space. Secureworks chose to use Security+ in conjunction with CompTIA certification prep tool CertMaster Practice. With CertMaster Practice questions conveniently organised around exam objectives, Secureworks employees can feel confident that they have fully prepared for the exam. CertMaster Practice also identifies a user’s areas of strengths and weaknesses, helping them be more efficient in their exam preparation by spending time reviewing areas of deficiency
On-the-Job Learning Is a Necessity
“In the first month after someone joins Secureworks, they need to prepare to deliver to the client, but also to start working on their certification,” explained Cristian Zaharia, Security Operations Manager at Secureworks. “With Security+, they don’t have to rush. We want to give our people the chance to choose their path and development areas. Security+ lets them do that and gives them a full year before their exam.” Secureworks teams use Security+ to do spot checks of employee knowledge in various specific cybersecurity issues. For example, Zaharia shared, he might assign a team member to research CAPTCHA security technology via Security+ and then ask them to present back to the team on emerging trends in that area. In this way, knowledge sharing in and amongst teams is a constant. This kind of collaborative work and learning environment is vital to helping them best serve their clients’ ever-changing cybersecurity needs.
A Gold Standard for Cybersecurity Knowledge
Nearly three-quarters of Secureworks’ employees hold Security+ credentials at present, with some 500 credentials held company-wide. While Security+ isn’t the only certification Zaharia’s team relies on, as a vendor-neutral offering, it’s widely considered to be the gold standard for cybersecurity.
“CompTIA helps our people become better analysts,” he shared. For his employees and colleagues, it provides not only upskilling and certification, but a direct pathway to promotion for many hoping to move from Analyst to Senior Analyst. As the company grows, this kind of consistent learning and growth tool will be a must. In cybersecurity, that’s more than half the battle. – Cristian Zaharia , Security Operations Manager at Secureworks
© 2020 CompTIA, Inc. All rights reserved. All certification programs and education related to such programs are operated exclusively by CompTIA, Inc. CompTIA is a registered trademark of CompTIA, Inc. in the U.S. and internationally. Other brands and company names mentioned herein may be trademarks or service marks of CompTIA, Inc. or of their respective owners. Reproduction or dissemination prohibited without the written consent of CompTIA, Inc. Printed in the U.S. 07507-Feb2020
¹ “Cost of a Data Breach Report: 2019”, Ponemon Institute, (2019), https://databreach calculator.mybluemix.net/executive- summary
Powered by FlippingBook