Don’t be Hacked: 5 Cyber Security Skills Your IT Team Needs to Master

Mike Meyers

Udemy for Business IT Instructor and President of Total Seminars LLC

May 23, 2017

Recent high-profile security breaches like the WannaCry ransomware attack on May 12 have put cyber security at the top of every company’s agenda. Within a day, this one attack hit an estimated 230,000 computers in 150 countries. Yet cyber security is a critical IT skills gap facing companies today.

According to the 2016 Global Cybersecurity Survey, 45% of IT executives say it’s difficult to find IT candidates with adequate cyber security skills and 63% say new graduates lack the necessary skills. Since hiring the right cyber security talent is challenging in today’s labor market, companies will need to address this current skills shortage by training and upskilling their own IT teams.

5 cyber security skills missing on IT teams

Here are 5 critical cyber security skills missing on IT teams that you should focus on developing before you’re the next one hacked.

1. Think like a security architect

In the world of IT security, I can always find a guy like me with the technical skills to set up a VPN or router. But the cyber security skills lacking in the IT workforce today is the ability to see the big picture from a security point of view. IT teams need to be able to develop an organizational plan or risk management framework to minimize security breaches. If you don’t do this, you’re just patching up holes.

My Security+ course on Udemy gives IT professionals an in-depth understanding of security risk management that goes beyond just technical skills. This kind of training enables IT managers to say “here are the 17 things that are important for our security and here’s how we’re going to implement them at our company.”

IT professionals need to be able to manage the breadth of cyber security issues from risk management and regulatory compliance to encryption, authentication, and data security. While large companies have access to a small set of highly skilled security architect consultants, most companies simply rely on in-house IT teams to manage this complex issue.

2. Understanding the “Internet of Things”

The security threat posed by the Internet of Things is no longer science fiction, but a reality. All sorts of devices in the workplace from printers and copiers to smart watches and climate control systems now communicate with the web. These internet-connected devices provide an easy “access point” for hackers to infiltrate your company’s network.

This new threat posed by the Internet of Things is a complex challenge and headache for IT professionals, and many lack the necessary cyber security skills. The industry desperately needs more IT staff knowledgeable about the Internet of Things from a security point of view. Most of these diverse devices can’t be integrated with conventional IT security hardware and software protections. For example, perimeter-based solutions won’t work as apps and personal devices can no longer be contained behind a “firewall” inside a company’s network. As a result, it can be difficult to implement an effective security strategy.

In order to overcome this rising security threat, your IT team needs to be well-versed in Linux, Android, and PowerShell as it relates to security and hacking threats. In this rapidly evolving space, they need to stay up to speed on alternatives to firewalls like cloud-based protective shields and new security tools that have worked for mobile employees. IT pros will also need to be skilled in vulnerability assessments, public key infrastructure, ethical hacking, wireless network security, data ethics and privacy policy.

3. Lack of IPv6 security knowledge

Assigning IP addresses to devices is shifting from the old IPv4 system to the new IPv6 system. But IPv6 introduces a whole new set of risks and most IT professionals aren’t well versed enough in IPv6 to mitigate these security threats. Under the new IPv6 system, every device from computers and phones to smart home hubs is assigned its own public IP address that anyone can access. This means I now ping every server on the International Space Station.

Failure to secure IPv6 systems is essentially opening a backdoor for hackers to enter your network. You can be sure that employees are already bringing in IPv6-enabled devices into your workplace. Lack of IPv6 security knowledge on your IT team is one of the top risks to your company’s security today and a major cyber security skills gap. Organizations need to invest in IPv6 security training for IT teams before they deploy (rather than plugging holes after) to ensure their network security is secure.

4. Educate users to address social engineering threats

Organizations are investing millions of dollars on their network security, yet most security breaches occur at the individual employee or user level. Users forget to use their security key or they take a phone call in the wrong place. Most employees are woefully ignorant of the IT plumbing behind their devices to the point of being dangerous.

Companies need to provide basic online security awareness education to all their employees so they understand why they shouldn’t do certain things. When something goes wrong, for example, they should know how to reset their iPhone to shut down safely.

Social engineering or phishing emails sent to individual employees (like the recent WannaCry ransomware attack) are also becoming an increasingly common way to attack enterprises. These attacks involve sending fake, but seemingly legitimate emails to individuals who then hand over valuable company data or click dangerous links. To safeguard your network, you’ll need to better educate employees on these social engineering traps.

5. IT pros are losing the ability to communicate

Finally, the skill that’s hard to find among the new generation of IT workers today is the ability to communicate effectively—both in terms of speaking and writing. IT professionals are losing the ability to talk about technical issues so users or non-technical people can understand. Many of today’s IT pros, while technically savvy, lack empathy and the ability to really talk to people and look them in the eye. Part of the problem is social media and texting have broken down social rules. But it goes deeper than that. Everyone is good at writing a quick text of up to 140 characters. But if they have to write an email or give a presentation, they are unable to do this well.

In my opinion, IT hires should write an essay as part of the application process for a job. IT professionals are dealing with important security issues in the company. They need to communicate these critical issues effectively both internally and externally. Aside from technical skills, enhancing the communication skills and the writing ability of your IT team are key to raising your cyber security game.

Technologies will keep changing and hackers will keep getting smarter. It’s our job in IT to stay one step ahead of the game. But in order to achieve this, your IT team will need to continuously address the skills gaps that result from technology disruption. Considering getting your IT team access to the latest cyber security skills through Udemy for Business—where courses are updated in real-time and driven by market demand. Every innovation brings new risks to your company’s security. Just make sure your IT team is ready.

Mike Meyers is the industry’s leading authority on CompTIA Certifications and President and co-founder of Total Seminars LLC, a provider of PC and network seminars, books, videos and courseware for thousands of organizations throughout the world. Mike has been involved in the computer and network industry since 1987. He teaches the courses CompTIA Network+ and CompTIA Security+ on Udemy.

About Udemy for Business:

Udemy for Business is a learning platform that helps companies stay competitive in today’s rapidly changing workplace by offering fresh, relevant on-demand learning content, curated from the Udemy marketplace. Our mission is to help employees do whatever comes next—whether that’s the next project to do, skill to learn, or role to master. We’d love to partner with you on your employee development needs. Get in touch with us at

2020 Workplace Learning Trends Report: The Skills of the Future thumbnail


Discover the latest trending tech & soft skills, top 10 skills by industry & role, and how organizations are preparing their workforce for the future.

More from Tech Skills Topic

Tech Skills

Why Swift UI Should Be on the Radar of Every Mobile Developer

Swift UI is a user interface framework intended to make it easier to build Apple platform apps in the Swift...

Tech Skills

The 10 Hottest Technical Skills in 2020

We’ve covered the technical skills every web developer, data analyst, and IT specialist should have on their resume in 2020....

Tech Skills

10 Technical Skills IT and Engineering Pros Need to Master in 2020

As 2020 begins, it’s time to consider which technical skills you and your team should master for the year ahead....