5 Types of Cybersecurity Skills ITOps Engineers Should Have


Cybersecurity is generally not a core job responsibility for IT operations engineers. Yet to say that IT engineers don’t need to know much about cybersecurity would be like saying that chefs don’t need to understand how the front end of a restaurant works, or that painters don’t need to know how to patch holes in the walls.

Indeed, today more than ever, IT engineers must be able to think and act like cybersecurity experts if they want to help stop the ever-increasing number of cyberattacks that companies face.

To that end, let’s take a look at the key cybersecurity skills, tools, and concepts that IT engineers need to understand. While ITOps teams aren’t the primary “owners” of any of these cybersecurity domains, they need to understand how they work and how they relate to core IT operations processes.

Cloud infrastructure security

It turns out that a significant number (more than ten%) of modern cybersecurity breaches are not caused by actual security vulnerabilities. Instead, they result from cloud misconfigurations, such as insecure access control policies or a lack of encryption, which allow attackers to break into cloud environments without much effort.

If, for example, you accidentally make an S3 bucket containing sensitive data available to the entire internet, no one really needs to “hack” you in the traditional sense to steal your data. You’ve already put it out in the open so they can take it as they please.

Since IT engineers are typically the people who set up cloud environments, understanding these risks and knowing how to manage them is an essential cybersecurity skill for anyone working in IT. That’s why IT operations teams need to learn the ins and outs of cloud security posture management, or CSPM, the discipline of tools and processes designed to help mitigate misconfigurations that could cause security vulnerabilities.

They must also understand cloud infrastructure entitlement management, which complements CSPM by detecting the types of risks that CSPM cannot manage alone.

Network security

IT engineers also often take on the design and configuration of networks, especially in smaller organizations that don’t have a dedicated network engineering team.

Without a thorough understanding of the security implications of network architectures, IT operations teams are susceptible to security mistakes. This is especially true given the highly complex nature of modern networks, which typically involve a variety of abstractions such as VPNs, virtual private clouds, network peering configurations, and more.

So, even though network security is not the main area of interest of an IT engineer, one of the crucial cybersecurity skills that ITOps teams must possess is how to harden network security, even in today’s “perimeterless” world.

Anti-DDoS

Even well-designed networks that are resistant to intrusions can be vulnerable to Distributed Denial of Service, or DDoS, attacks that aim to take workloads offline by overwhelming them with illegitimate network requests.

For workloads to operate reliably, IT operations engineers must have at least a working knowledge of anti-DDoS techniques and tools.

Typically, anti-DDoS strategies boil down to deploying services that can filter and block hosts that might try to launch a DDoS attack. These services can often be obtained from cloud providers or third-party platforms that specialize in DDoS protection.

End User Security

Much more than developers or security engineers, IT engineers often serve as the interface, so to speak, between end users and IT systems.

This means that IT engineers are in a special position to help mitigate security risks that may result from end-user errors – like falling victim to phishing schemes or not following password management best practices.

Thus, learning the role end users play in cybersecurity and devising ways to enforce best practices among them should be a priority for IT teams.

Security Analysis

Much of the data that powers security analytics tools, such as SIEM and SOAR platforms, comes from the systems that IT teams set up and manage.

That’s why, even if IT engineers don’t actually use SIEMs and SOARs (instead, that task is usually left to security experts), the IT team should at least understand what types of data enable security analytics, how that data is collected, and what IT engineers can do to ensure that it is always available and of high quality.


There are other areas of cybersecurity (such as application security, which developers should know more about than IT engineers) that don’t overlap with IT engineers’ responsibilities and skills as much.

But when it comes to those areas of security that are closely related to IT, IT engineers need to have a basic understanding – if not a full grasp – of the risks their organizations face and the tools and practices that can solve them.
