The Colour Blue

calendar Nov 15, 2023 · 3 min read · Academic Opinion  ·
Share on: linkedin copy

I feel experience in the Cyber field is measured based on years rather than what was done. Some organisation ask questions about what actions were taken but how the answer is interpreted depends on the interviewers experience also.

I was reviewing an aquisition summary where about 1.3GB at the end of a logical partition had been 0x00 out. I asked the analysts if they checked the partition table at which they responded no as it was only a logical aquisition. I asked did you review the partition for this image the answer no, trust all tools.....

I moved on to a general question have you had to parsed a partition table before they said they were shown it once and they did what they were told at which i said how do you know what you were shown was correct or even complete?

We have a general assumption that someone showing you how to do something understand what they are showing you. That does not mean they have no idea but the level of their understanding of the action is never defined or communicated we just accept they know more than the recipient.

This made me think about the colour blue. For the most we recognise something as blue, we know that is blue where the reality is it is blue because someone told us it was blue. This does not mean we all see the colour blue or even that we see the same thing at all. We just see something we recognise as Blue.

The same applies in Cyber where experience is a collective teacher. This becomes more of an issue with the reliance on tools as experience merely translates to and is defined by which tools an analyst has used. There is a debate weather traditional degree approach or certification is best and if a degree is of value in the field or even needed. It is easy to spot comments such as " i succeeded without a degree" however there is no comparative data on how many did not.

From my own observation certificates tend to follow a tool and process method where a student is taught enough computer science to perform a tool based task. This depends on the certificate as some are awarded for just attending but there is no real measurement on the value of the certificate.

Academic institutions are more structured but there is a wide variance between degree offerings and content comparatively. Not all degrees have an equal value outside of having one.

From an academic stance the student must review the content of any perspective course and see what modules or areas the course will cover. From a delivery perspective a module or a certificate could deliver the same content however there is one main advantage from my experience. Degrees teach the student how to learn and approach this in a structured manner therefore allowing assimilation of additional knowledge throughout the career though objective testing and reasoning.

I think as a basis degrees teach fundamentals and more advanced concepts and push the boundaries of knowledge and understanding in the form of dissertations where as certificates teach already understood knowledge more from an application perspective. There is a place for both but from a value perspective i feel anyone can issue a certificate but degrees have to be accredited and monitored to ensure a standard is delivered.