Cybersecurity training: interview with Dr. Manlio Longinotti (responsible for SANS Institute in Italy)

(To Alessandro Rugolo)

As the reader of this column well knows, we have always tried to promote training in cyber and new technologies, convinced that it can "make a difference". This is why we seize the opportunity to interview Manlio Longinotti, the manager of SANS for Italy, one of the main companies in the sector.

Can you tell us briefly about yourself, your role in SANS and the growth of SANS in Italy?

I have been the Country Manager for SANS Institute for about two years, a responsibility I accepted after several years of IT consulting. In Italy, like everywhere, the demand for IT security experts is much higher than the supply, we want to support Italian organizations and companies in the training and certification of these figures and reduce the skills gap. There is a tendency to say that man is the weakest link in the security chain but I disagree: man is the most common vector of a cyber attack, adequate training and preparation are the main defense weapons . We have been working in Italy for more than 15 years, with an ever-increasing number of clients and students who choose us for the quality of our services.

A few days ago a session of SANS courses and other related activities was held in Rome. What is it about? Can you tell us about the initiatives and courses you have just held and those that will be held soon?

The one in Rome is one of the many monthly events that we organize in Europe and around the world: they are events where, from Monday to Saturday, various courses are held with classes of around 15-20 participants coming from various organizations from all over Europe and sometimes even from overseas . We'll do another one at May 2024 again in Rome, as far as possible taking into account the training priorities communicated to us by customers.

We call them events because in addition to the courses we organize a series of activities aimed at encouraging discussion between participants, such as a Capture the Flag competition to immediately put the skills acquired to the test. Usually the instructors then make themselves available for a "Night Talk", an aperitif also open to external guests in which transversal topics are addressed to stimulate discussion and dissemination of knowledge.

SANS is an American company founded in 1989 with the aim of offering training in the field of Cybersecurity. As far as I know it is also the most renowned institute and, perhaps, the most expensive. Why, in your opinion, does taking a SANS course constitute added value?

There are two characteristics that make our courses the most appreciated by cybersecurity experts: the instructors and the practical approach.

Let me explain: the instructors are selected at the end of a long and complex process which must validate not only their skills and knowledge but also their teaching abilities. But above all they are established professionals in their companies and in the industry, who deal with cyber security challenges every day and bring real, not just theoretical, experience to the classroom. The consequence is that the courses are very practical with various laboratories that require the student to immediately test themselves on what has been explained, thanks to the use of virtual machines, PLCs and other tools with a double result: consolidating the theory and providing tools and methodologies which can be reused once the course is finished, immediately.

What types of courses do you hold? In what mode?

These are not "off the shelf" courses: there are more than 70 of them, preparatory to the preparation of around 40 GIAC certifications, a standard adopted internationally to validate IT security skills. There are 7 areas: Cyber ​​Defense, OSINT, Offensive Operations, Digital Forensics & Incident Response, ICS & OT Security, Cloud Security and Leadership Security.

Considering that the investment is not insignificant, we want to support our customers in choosing the courses most in line with the organization's objectives, which is possible thanks to continuous updating of the contents and topics covered by our instructors. It's one thing to train a threat intelligence expert in the military sector, it's another to do it in the civilian sector for example.

The courses can be attended both remotely and in person, but I undoubtedly suggest in person: you have the opportunity not only to get to know the instructor personally, but also to interact with dozens of experts from all over the world, discussing methods approach to challenges and problem solving. Cyber ​​security, before a market, is a community: at a SANS event you meet enthusiasts who care about the security of their companies and organizations and want to be updated in a timely, rigorous and concrete manner.

Let's talk about one of the problems that seems to afflict the current world: skill shortage. Everyone, companies and public administrations, is looking for trained personnel, often without actually being able to select them. How can SANS help in the selection of a company's personnel?

Worldwide, the demand for cybersecurity experts is more than 3 million, of which more than 300.000 in Europe, a number that increases by approximately 26% per year1, despite the efforts that organizations make to train staff and attract new graduates in this field.

SANS has developed the Cyber ​​Talent Assessment, a tool created to support recruiters and hiring managers to verify skills and aptitudes during the personnel selection phases. Experience has allowed us to improve it and it is now used in particular by various Governments and Ministries of Defense to internally select profiles to start on training courses that we design together, with the aim of having IT security experts within a few months, already hired. We are aware that it is not easy to find these figures on the market and this is sometimes compounded by the complexities linked to long and complex hiring processes. The Assessment is the starting point for so-called reskilling projects.

To close, can you tell our readers why young people should pursue careers related to Cybersecurity?

I go back to the first question: they are rare figures, highly sought after and whose importance within organizations will increase. Furthermore, it is not crucial to have a technical (or STEM) education but in my opinion it is above all important to be curious and humble: there will always be something to learn and it will not be possible to know everything. At the same time, I would be lying if I denied that understanding the main methods of a cyber attack is not important, but it is equally important to be able to make management understand why to invest in cyber security and how, and this is where other characteristics come into play. , not purely IT. Furthermore, I must say that thanks to that concept of community I was talking about before, it is difficult to be "left behind": among experts, there is a tendency to often help each other, in order to form a common front against an increasingly organized enemy. It's certainly one of those professions where you never get bored, on the contrary! In this regard, I suggest taking a look at our available resources, they are useful for approaching this world.

1 Source: Word Economic Forum

Photo: author