Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC: Internet Storm Center - SANS Internet Storm Center Internet Storm Center

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Latest Diaries

Creative Hiring From Non-Traditional Places

Published: 2018-06-23
Last Updated: 2018-06-23 01:52:58 UTC
by Russell Eubanks (Version: 1)
3 comment(s)

The lead story in the SANS NewsBites from today was "White House/DHS Announce New Cyber Skills Pipeline Initiative.” The two statements below caught my attention.

1 - “The Federal Government struggles to recruit and retain cybersecurity professionals due to a shortage of talent along with growing demand for these employees across the public and private sectors.”

2 - “As agencies prioritize their cyber workforce needs, they will likely need to adopt innovative hiring techniques to ensure the best and brightest cyber talent can seamlessly enter the Federal Government.”

With the cybersecurity talent shortage, we must get creative in where we look to fill our open cybersecurity positions. Many years ago a good friend in the Human Resources department gave me the advice to hire character and train skills. For many years I have experienced success in finding team members from non-traditional areas and then sending them to learn our craft. A couple of examples include Fraud and Abuse, Help Desk and Network Operations. I found it interesting to learn from them how their former departments operate as well as learning firsthand how their department viewed the information security program. Yes, it pays to have thick skin.

From what non-traditional areas have you found talented members to join your information security team?


Russell Eubanks

ISC Handler

SANS Instructor


Keywords: cyber
3 comment(s)

If you have more information or corrections regarding our diary, please share.

Recent Diaries

XPS Attachment Used for Phishing
Jun 22nd 2018
1 day ago by Lorna (1 comment)

Are Your Hunting Rules Still Working?
Jun 21st 2018
2 days ago by Xme (1 comment)

Secure Phishing: Netflix Phishing Goes TLS
Jun 20th 2018
3 days ago by Johannes (0 comments)

PowerShell: ScriptBlock Logging... Or Not?
Jun 19th 2018
4 days ago by Xme (1 comment)

Malicious JavaScript Targeting Mobile Browsers
Jun 18th 2018
5 days ago by Xme (0 comments)

Encrypted Office Documents
Jun 17th 2018
6 days ago by DidierStevens (0 comments)

Anomaly Detection & Threat Hunting with Anomalize
Jun 16th 2018
1 week ago by Russ McRee (0 comments)

View All Diaries →

Latest Discussions

Botnet brute forcing mail accounts?
created Jun 22nd 2018
1 day ago by Anonymous (0 replies)

Simple SMTP/network routing questions
created Jun 14th 2018
1 week ago by Anonymous (0 replies)

HTTP Headers Illicit Characters
created Jun 13th 2018
1 week ago by David (2 replies)

NagiosXI 5.2.6 – 5.4.12 unauthenticated exploit chain leads to root access
created May 11th 2018
1 month ago by Remco (0 replies)

MinerPool Threat Feed info
created Apr 4th 2018
2 months ago by Anonymous (0 replies)

View All Forums →

Latest News

View All News →

Top Diaries

Wide-scale Petya variant ransomware attack noted
Jun 27th 2017
11 months ago by Brad (6 comments)

Using a Raspberry Pi honeypot to contribute data to DShield/ISC
Aug 3rd 2017
10 months ago by Johannes (16 comments)

Detection Lab: Visibility & Introspection for Defenders
Dec 15th 2017
6 months ago by Russ McRee (2 comments)

Maldoc with auto-updated link
Aug 17th 2017
10 months ago by Xme (2 comments)

Second Google Chrome Extension Banker Malware in Two Weeks
Aug 29th 2017
9 months ago by Renato (0 comments)