Picture this: you just moved into a new apartment with neighbors you don’t even know and on a street that you’ve never even heard of until you came across the apartment listing. One night in your first week, you forgot to lock your door.
Because it’s just one night, you’ll likely be fine.
Then again, you might also wake up without your television—among other things missing.
The keywords here are “likely” and “might.” Put simply, chance dictates your security, along with how safe your neighborhood actually is.
This is the gamble that a lot of companies face today, and it’s because of this that they’ve been on a mad dash to fill cybersecurity jobs. And we built our Cyber Defense Analyst (CDA) Bootcamp to meet this demand.
Why Learn Cyber Security?
The World Economic Forum identified infectious diseases, livelihood crises, and extreme weather events as the top three clear and present dangers to the world. It also named a fourth threat on the horizon: cybersecurity failure.
If it were measured as a country, then cybercrime—which is predicted to inflict damages totaling $6 trillion globally in 2021—would be the world’s third-largest economy after the US and China.
If these aren’t alarming enough, the cybersecurity industry is also in dire need of skilled defenders. In numbers, the need is estimated to equal 3.5 million unfilled jobs in 2021 alone. Yet among those who apply, MIT Review says that “fewer than one in four are even qualified.”
What’s Causing the CyberSecurity Skills Shortage?
Rob Noeth, co-founder and Chief Technology Officer of Level Effect, has a blunt answer:
The cybersecurity job market is a mess. Employers are unsure of what credentials and background prospective employees need before their first day on the job, and folks new to cyber have no clue what employers are looking for.
The mess, says Level Effect Chief Operating Officer Anthony Bendas, can be traced back to the training that cybersecurity professionals receive.
The majority of the training and education market is heavily toward training you in ethical hacking and penetration testing skills, which is a minor subset of cybersecurity (maybe several-percent margin in total available jobs). The reality is that fundamental IT knowledge of operating systems, computer and networking architecture, and knowledge of adversary tactics is what you really need.
Because of the gap in the job market, both Rob and Anthony agree that today is as good a time as any to become a cybersecurity professional. There's a caveat, though—you have to get the right training, as Anthony notes:
It was the right time to learn cybersecurity 15 to 20 years ago before the web application boom and ubiquitous adaptation of smartphones and social media. We’re still playing catch up, having not made this field more of a focus back then.
There’s more to this than urgency. For Greg Ake, Level Effect co-founder and Chief Executive Officer, it’s also about pursuing a job that offers fulfillment:
Beyond the number of available positions and the potential lucrative salaries and benefits, there is the opportunity to have a purpose that helps businesses, our community, and perhaps our nation.
This career is a battle between those who wish to harm and those who are trying to limit that harm while still operating in harm’s way. It’s a game of spy versus spy where human wit and ingenuity come head-to-head and you can have a chance to help turn the tide in those efforts.
And all of them—Greg, Rob, and Anthony—are leading the effort in training the next generation of cyber defenders with the skills they’ll actually need in the workplace.
Meet Your Level Effect Instructors
To say that the instructors at Level Effect are skilled is an understatement.
Classes in the Cyber Defense Analyst Bootcamp are facilitated by Greg and Rob themselves, both of whom served a combined 25 years working primarily for the National Security Agency (NSA).
Joining them is Anthony, who comes from eight years in management and six years in security roles for several industries, and one other instructor (Will Nissler) who graduated from the bootcamp. Put together, you get training that’s equal parts challenging, practical, relevant, and flexible to your learning needs.
Learning takes place remotely at Level Effect, during which students put in at least 20 hours of coursework for 14 weeks. The coursework includes two-hour live online lectures in the evening from Monday to Thursday and hands-on lab exercises that increase in difficulty as they progress through the course.
For a beginner, the demands of the program might seem jarring. But the bootcamp is rigorous for a reason, as Rob explains:
At Level Effect, we’re against just teaching people how to use tools and click buttons. This is how a majority of the industry trains people. Obviously, teaching a person how to fish is much more beneficial than teaching them how a fishing pole works.
To ensure that students have a firm understanding of the field, Level Effect instructors approach the process of learning cyber defense the military way: Crawl, Walk, and Run.
What’s It Like to Learn from Level Effect Cyber Defense Instructors?
To put it simply, Level Effect’s teaching method calls for starting small and slow and then increasing the complexity of the training incrementally. This way, critical concepts become more memorable to the student.
As Anthony notes,
Every day is a day of development and growth [at Level Effect]. [It’s about] becoming better than the day before through manageable incremental gains.
1. Crawl Back to the Basics of Cyber Security
This is why Level Effect instructors take a first-principles approach to teaching cybersecurity. By first focusing on the foundational aspects of cybersecurity, students will be better equipped to handle more complicated tasks as they progress through the course.
Rob explains what this looks like:
For example, to understand how malware works, you need to understand what it needs to function. The malware needs to run in some fashion. It needs to communicate on the network somehow to send data back to the hackers. And it needs a way to stick around on the system in case the computer restarts.
We teach students to look for these traits, because 99 percent of the time, they’re going to find the bad stuff.
We teach them to solve real cyber challenges while adding techniques to their toolbelt. As we continue in the program, we expect students to use all these new tools in their investigations.
It is hard to learn this field if you are exposed to a long list of tools. You become reliant on them, do not understand how they fully work, and further do not understand what is happening behind the scenes.
Just imagine knowing how to use a calculator without understanding how addition works or how to do it by hand. Once you take away the calculator, you lose the ability to add. Greg continues:
We have students work with raw data and learn how systems, protocols, and malware operate at a fundamental leve. In the end, the students will know how to use relatively any tool they prefer because they know how everything works.
This is also where the instructors meet the students where they’re at. Not all students learn the same way or on the same day. It’s therefore up to the instructor to teach them in a manner that they’ll understand.
For Anthony, this starts with “knowing [the students’] names, who they are, why they’re here, and what makes them tick.” By getting these down, instructors can determine how best to personalize the students’ learning and ensure that their needs are being met in the moment.
As the students’ foundations get stronger and as the instructors get to know them better, the latter can then guide the students as they take their first step toward becoming bona fide analysts.
2. Walk the Walk with Realistic, Hands-On, and Personalized Training
The Walk phase is where Level Effect instructors widen the scope of learning and expose students to more challenges. Students get more room to master the fundamental concepts of the field while also shaking hands with the more advanced topics.
In doing so, they learn to improvise, discover multiple ways to approach a single problem, and gain the confidence they need to solve more difficult tasks.
Greg explains what this looks like in the bootcamp:
We expose students to complex scenarios early in the course and use instructor-guided instruction to walk them through these scenarios. We continue to challenge them with similar problems while also expecting them to improve in their analysis and reporting of their efforts.
It is an iterative process of exposing them to new scenarios and having them apply their previously learned techniques so they can determine for themselves what their knowledge gap is.
For instance, say the students are given a network data capture file and must analyze the traffic for signs of a breached computer. Using their previous techniques, they can find the potentially malicious traffic but are unable to confirm it is malicious. We discuss in class how far they got, what they saw, and what they feel they are missing to fully answer the question.
We then move on to show them how to do network forensic analysis to extract key indicators and evidence from network traffic. They then are required to review that previous challenge and solve their newfound forensic skills.
It’s also during the Walk phase that students move beyond the technical skills and onto becoming well-rounded analysts. This includes learning how to navigate the complexities of interpersonal skills in a technical working environment:
Tools and technologies are always evolving and changing. So knowing how to work well with others, not being afraid to share new ideas, or ask what may be felt as a ‘dumb question’ are core keys to success.
One way they train students for this is through contextual reporting.
Each student must prepare reports, explain, and show their work in class [Instructors] provide corrections and new expectations and [the students] improve that report. They then have created a new baseline for report quality that we expect of them in the course.
3. Run and Solve Cyber Threats at ‘Combat Speed’
The Run phase is where the rubber really hits the road. At this stage, strategic communication and problem-solving should be second nature to the students.
Much of what happens in this phase involves constant exposure to challenges that come with slightly different sets of requirements. The challenges compel students to reinforce all the skills they learned throughout the program.
The skills, therefore, become “grooved” in their brain and become muscle memory, so to speak, and not just a one-off thing they did while in school.
This, says Greg, is “as close as you can get to working in a real-world security team. It’s all about applying what you know, identifying what you don’t, solving for X, and winning the day.”
The goal is that by exposing students to the demands, stress, pressure, and challenges that cyber security professionals face, they’ll know how to perform effectively once it’s their turn to confront a real-world cyber threat.
Feedback lies at the center of this Crawl-Walk-Run approach, as Greg notes:
Holding students accountable for their work while not leaving them in the deep end is our general motto for their continual self-improvement in this endeavor.
So far, the approach seems to be working, Rob says:
It’s always great to hear a previous student update you when they land a new job in cyber. When students tell us that they were able to ace an interview, or that they actually exceeded the expectations of the interviewers for the gig. That’s how I know we’re on the right track.
Anecdotally, we hear from students who say they had a deeper understanding of the Windows Operating System and malware intricate than their technical interviewer.
Lessons of the Day: Tips for Aspiring Level Effect Cyber Defense Students
Greg offers up this tip:
Be ready to be a lifelong learner in the field. Regardless of any bootcamp you attend, remember that a bootcamp, by design, is meant to provide practical and applicable skills to your toolbelt.
Have a positive attitude and be ready to be a lifelong learner in this field. This industry is ripe with lessons learned and unfortunate examples of how we can do better. If you want to try and make things better and don’t mind the struggle along the way, you’ll do just fine. Put in the effort and you will succeed.
Rob also has some words of advice:
Cybersecurity is hard. But if you’re passionate about cyber and want to make a difference in helping protect organizations and the people, you’re in the right place. Even if you don’t come to Level Effect, put in the effort and you will succeed.
The cyber security industry is still in its infancy and will continue to grow and evolve to encompass more enterprise roles that have traditionally been avoiding adding security to the mix. Not only do we need more security-conscious individuals, but we need well-trained defenders that aren’t just trying to be the next neo from The Matrix.
Level Effect's third instructor chimes in with some advice:
Just show up.
If you want to do some good in this world in the form of honest work with knowledge and skills you develop and specialize in over time; if you’re curious by nature, and enjoy solving puzzles; if you want to be the person others rely upon to feel safe and succeed; if you enjoy technology and learning how things work; if you have a detective nature in you to follow clues, then cybersecurity is likely a good fit for you.
Just show up and we’ll get you to where you need to be.
Level Effect: It’s a Crawl, Walk, and Run to the Top
Level Effect embraces a teaching approach that values learning, not the credential. This is evident in how the instructors teach in a manner so deliberate and thoughtful that students enter the workforce with skills that can readily tackle the threats and challenges in the cybersecurity industry.