Working with the network every day as a systems engineer for Southeastern Louisiana University, Ray DeJean is well aware of the cybersecurity threats proliferating in the field, how they’re advancing and evolving, and how important it is for advanced IT security staff to be able to think like hackers to understand the mechanics of system intrusions and keep networks safe. As an adjunct professor teaching advanced cybersecurity courses, like ethical hacking, he teaches IT students the skills – technical and creative – to handle a task that has never been more critical.
The cybersecurity realities DeJean sees in a university with approximately 15,000 students, inform more than just what he teaches in his classes. His daily observation of the threat landscape is the basis of the contributions he makes as a Subject Matter Expert (SME) for the CompTIA Advanced Security Practitioner (CASP) exam, helping set the standards for what professionals at the top levels of cybersecurity have to know to handle the job.
“If you have a person that has the CompTIA CASP certification, you can be pretty confident that they know what they’re talking about,” DeJean said.
An Advanced Cert for a World of Advanced Cybersecurity Needs
As hackers become more devious and sophisticated, advanced security professionals have to be more technologically skilled and more imaginative in their thinking than any time in computing’s history. Whereas only a few years ago, it was often easy to pick out a phishing email as SPAM for anyone short of computing novices, now malicious actors sometimes target phishing scams using personalized copy, encouraging victims to click and creating convincingly spoofed web pages to snag login credentials. But advanced methods of social engineering are only part of the problem. Hackers are also creating more virulent, deceptive malware and are on top of exploiting vulnerabilities based around deficiencies in the cryptographic protocols that keep internet traffic secure.
Top-level security professionals need to be able to identify, understand and handle the full range of technically sophisticated security threats that can hit a network. The CASP certification ensures that the IT pro who holds it can catch the most technical, least obvious attacks out there.
“We want those who earn CASP to basically know what these attacks are, what the ramifications are of having these attacks run against you and then, obviously, how you prevent these types of attacks from affecting your company,“ DeJean said.
Developing the Right Mindset and Skillset
Those interested in amassing the experience and knowledge it takes to pass CASP are a special variety, and DeJean understands exactly where they’re coming from. DeJean is, in fact, an alumni of the computer science department at the university where he now works. Back in his student days, when computing was a far more niche pursuit than it is now, DeJean did some exploratory tinkering on the network from the comfort of his dorm that made the then-administrators antsy. He quickly smoothed things over with the school’s IT team (so much so that they ended up hiring him on after he graduated). But the experience gave him insight into why IT security is so important.
Out in the ether of the internet, the unknown can cause panic. And the more that computing technology has become central to our daily lives and businesses, the scarier a place the internet can be. But the key to demystifying it, and securing it, is IT knowledge.
“Basically people are scared because they don’t know,” DeJean said. “So if I can increase their knowledge, I can help them be less scared and more prepared for things.”
Setting Top-Tier Cybersecurity Standards
DeJean has spent his career increasing that knowledge and helping individuals, institutions and industries be prepared. His ongoing contribution to keeping the internet safer is three-fold. Managing a team of eight, he keeps Southeastern Louisiana University’s networks safe from attack, while keeping them as open as possible, to let students take full advantage of the internet. In the classroom, he teaches students the ins and outs of systems so they’ll recognize a cybersecurity threat when they see one. And as a CompTIA SME, he helps build out the CASP exam to make certain that as fast as new and more technically complex cybersecurity threats proliferate, the industry has clear benchmarks for assuring that high-level IT pros can handle them.
“[CASP] really shows that you are what the title says – you’re an advanced security practitioner,” DeJean said.
Do you have what it takes to be a CompTIA Subject Matter Expert? If you’d like to share your knowledge and expertise to influence the development of CompTIA exams, read more about becoming a CompTIA SME and apply online.
Matthew Stern is a freelance writer based in Chicago who covers information technology, retail and various other topics and industries.
This article was originally posted on the CompTIA blog.