Wednesday, 31 July 2013

Data breaches linked to cyber skills shortage - the importance of certification


The shortage of skilled professionals in cyber security is responsible for the high levels of data breaches according to the (ISC)² Global information Security Workforce Study (GISWS). This is having a weighty effect on the global economy, according to the study of more than 12,000 information security professionals worldwide conducted by Frost & Sullivan.

Lack of qualified professionals is the top concern of over half (56%) of chief information security officers (CISOs) alongside hacking. Hacktivism (43%) and cyber-terrorism (44%) are also major worries.

The report concludes that the major shortage of skilled cyber security professionals is negatively impacting organisations and their customers.

The executive director of (ISC)², Hord Tipton, stated that data breaches have an economic effect: “Now, more than ever before, we’re seeing an economic ripple effect occurring across the globe as a result of the dire shortage of qualified information security professionals we’ve been experiencing in recent years”. He added: “Underscored by the study findings, this shortage is causing a huge drag on organisations. More and more enterprises are being breached, businesses are not able to get things done, and customer data is being compromised.”

Given the high levels of cyber espionage, hactivism, and nation-state threats, Tipton stated that the time is now for the public and private sectors to join forces and close this critical gap.  “We must focus on building a skilled and qualified security workforce that is equipped to handle today’s and tomorrow’s most sophisticated cyber threats”.

In the 2011 GISWS, it was found that there is a problem upstream, a major shortage of software development professionals trained in security. With cloud security, bring-your-own-device (BYOD) and social network, there is more threats from malware and mobiles devices.

According to the report, a multi-disciplinary approach is required to address the risks in BYOD and cloud computing. 74% of respondents thought new security skills are required to meet the BYOD challenge and 68% that social media is a security concern, with content filtering being the top security measure used.

“The business model of cyber criminals is changing and therefore information security professionals need to change to address that and adapt their approach to new and emerging technologies,” said Richard Nealon, co-chairman (ISC)2 Advisory Board for Europe, Middle-East and Asia.

“This survey shows that we need to rethink our approach to the skills challenge. We need to look at the problem from the top down, not the bottom up,” added the managing director, John Colley.

Other key findings from the study include:

Information security is a stable and growing profession. Over 80% of respondents reported no change in employer or employment in the past year, and 58% reported receiving a raise in the past year.  

The number of professionals is projected to grow steadily by more than 11% a year over the next five years. The average annual salary for (ISC)² certified professionals is £66,330 globally, which is 33% higher than professionals without an (ISC)² certification.

Knowledge and certification is considered highly important in job placement and advancement. Almost 70% view certification as an important indicator of competency when hiring. Almost half of companies (46%) require certification. 60% of those surveyed plan to acquire certifications in the next 12 months, and the CISSP is still the top certification in demand. 

This figure is the same for the UK. If you want to find out more about certifications, we recently wrote an article on our top four IT security certs, you can find it here.

How to boost cyber security skills:

To end the shortage of cyber security skills, three actions are required according to Richard Nealon, co-chairman (ISC)2 Advisory Board for Europe, Middle-East and Asia.

1.   More engagement from businesses is needed with the IT security profession. Opportunities need to be made available to existing and prospective infosec professionals and provide incentives to stay. “By providing internships, for example, businesses can open the door and enable people to see if they are suited to a career in infosec,” said Nealon. He added that “The average age of skilled information security professionals in the UK is 43, we are not getting enough young people into organisations where they can learn as they work”.

2.   The Government needs to take on its responsibility of further promoting IT security as a key skill that is essential to the protection of critical national infrastructure. Nelson stated that “Government should encourage scholarships and help create training and employment opportunities”. 

3.   The educational industry should work harder to ensure their IT courses have a stronger focus on security. They should also offer more courses on cyber security and make them attractive to prospective students. “For example, a course in ‘forensic cyber security’ is much more attractive than a ‘bachelor is information security’,” said Nealon. “There is also a gender imbalance that needs to be addressed. Worldwide, 89% of infosec professionals are male, but in the UK the figure is 93%,” he added. These institutions should further promote IT security as a career, particularly to women as the gender imbalance is not good for the industry.

About the Author:
Julian writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Julian is the companies Digital Marketer.

Tuesday, 30 July 2013

Fast Pass launches in 24 hours - two years of training for just £12,000


Firebrand Fast Pass
Firebrand turns 12 on Thursday 1 August. Our 35,000 students have taken 120,000 exams and saved one-million training hours since 2001.

To celebrate, we've launched the Fast Pass - two years of Firebrand training for just £12,000 (+ VAT). Theres' only two days left until the launch - which goes on sale at 10.00am Thursday 1 August.

Be one of only 12 to get Fast Pass

This offer is only open to 12 people. With Fast-Pass you'll be able to attend all Firebrand courses once, without paying another penny until the pass expires on Friday 28 August 2015. You’ll save thousands of pounds and every course is covered by the Firebrand certification guarantee.

You can buy your Fast Pass on the Firebrand website at 10.00am on Thursday 1 August.

Use Fast Pass immediately

You can use your Fast Pass as soon as you buy it. Which means you can start with all our most popular courses, including:
If you want to find out more about Firebrand or you need to convince your boss or finance team that this is the best training investment you'll make, watch our Tale of two Guys video.

About the Author:
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry.

Monday, 29 July 2013

The World's Biggest Data Breaches in one Infographic


Major data breaches, leaks and hacks are becoming more and more common. But beginning to understand the sheer numbers involved may be hard.

Information is Beautiful created a brilliant interactive infographic of the world's biggest data breaches, highlighting some of the most high-profile attacks. It lets you filter by organisation, method of leak, and gives you a brief description of the breach with a source to full articles. It really puts the importance of IT security into perspective and is really rather distressing.

The infographic includes all of the most recent attacks in 2013 such as the recent incidents with Evernote, LivingSocial, Facebook, LinkedIn, Yahoo and Twitter.

But it seems that technology companies aren't the only ones at risk. "Video gaming sites and organizations have suffered the most," said David McCandless, who runs Information is Beautiful. He adds that “in terms of sheer numbers of records breached, they really get owned."

The healthcare industry also faced its share of serious data breaches, which is worrying considering the sensitivity of the data.

The infographic also shows the huge T.K. Maxx security breach in 2007 that put more than 45 million credit and debit card users at risk. The scary thing is that many slip under the radar meaning the illustration may just be showing the tip of the iceberg.

McCandless stated that "some companies such as Twitter are upfront and transparent about getting the news out as soon as they are hacked, while others like Apple are super uncommunicative".

You can click on each attack to learn more about what happened. Click here to check it out.

About the Author:
Julian writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Julian is the companies Digital Marketer.

Friday, 26 July 2013

A guide to the Microsoft Technology Associate (MTA) Networking Fundamentals Certification


What is the MTA?

The Microsoft Technical Associate (MTA) programmes are entry-level training and certification in the fundamentals of IT Infrastructure, Database and Software Development, designed by Microsoft, with the MTA Networking Fundamentals programme focusing on the IT Infrastructure track. By completing this programme and passing the associated online exam, it can be used as a stepping stone to the Microsoft Certified Technology Specialist (MCTS) exams.

The purpose of the MTA Networking Fundamentals programme is to provide an overview to candidates on the essentials of networking principles. Being a Microsoft exam you will be learning the foundations of Windows Server and any potential candidates are expected to have hands-on experience with networking management tools, DNS, TCP/IP, and an understanding of the names resolution process and network protocols and topologies.

Target Audience

The Networking Fundamentals programme is associated with the IT Infrastructure track and is intended for those candidates who are interested in building a career in desktop support, server maintenance or cloud services. Potential candidates

for this programme could be looking to enhance their knowledge and understanding in networking, or could already be in a support role and looking for career progression.

What You Will Learn

The curriculum is segmented into 3 domains, containing 14 learning objectives in total:

1. Understanding Networking Infrastructures

1.1. Understand the concepts of the Internet, intranet, and extranet

This objective may include but is not limited to: VPN, security zones, firewalls.

1.2. Understand local area networks (LANs)
This objective may include but is not limited to: perimeter networks; addressing; reserved address ranges for local use (including local loopback IP), VLANs; wired LAN and wireless LAN.

1.3. Understand wide area networks (WANs)
This objective may include but is not limited to: leased lines, dial-up, ISDN, VPN, T1, T3, E1, E3, DSL, and cable and their characteristics (speed, availability).

1.4. Understand wireless networking
This objective may include but is not limited to: types of wireless networking standards and their characteristics (802.11A, B, G, N including different GHz ranges), types of network security (for example, WPA/WEP/802.1X), point-to-point (P2P) wireless, wireless bridging.

1.5. Understand network topologies and access methods.
This objective may include but is not limited to: star, mesh, and ring.

2. Understanding Network Hardware

2.1. Understand switches
This objective may include but is not limited to: transmission speed; number and type of ports; number of uplinks; speed of uplinks; managed or unmanaged switches; VLAN capabilities; Layer 2 and Layer 3 switches, security options; hardware redundancy; support; backplane speed; switching types, MAC table; understanding capabilities of hubs vs. switches.

2.2. Understand routers
This objective may include but is not limited to: transmission speed considerations, directly connected routes, static routing, dynamic routing (routing protocols), default routes; routing table and how it selects best routes; routing table memory, NAT, software routing in Windows Server.

2.3. Understand media types
This objective may include but is not limited to: cable types and their characteristics, including media segment length and speed; fibre optic; twisted pair shielded or nonshielded; cabling, wireless; susceptibility to external interference (for example, machinery, power cables); susceptibility to electricity (for example, lightning), susceptibility to interception.

3. Understanding Protocols and Services

3.1. Understand the OSI model
This objective may include but is not limited to: OSI model; TCP model; examples of devices, protocols, and applications and which OSI/TCP layer they belong to; TCP and UDP; well-known ports for most-used purposes (not necessarily Internet); packets and frames.

3.2. Understand IPv4
This objective may include but is not limited to: addressing, subnetting; NAT, static IP, gateway; APIPA; network classes, classful/classless IP addressing; reserved address ranges for local use (including local loopback IP).

3.3. Understand IPv6
This objective may include but is not limited to: subnetting; IPconfig; why use IPv6; addressing; IPv4toIPv6 tunneling protocols to ensure backwards compatibility; dual IP stack; subnetmask; gateway; ports; packets; reserved address ranges for local use (including local loopback IP)

3.4. Understand names resolution
This objective may include but is not limited to: DNS, WINS, steps in the name
resolution process

3.5. Understand networking services
This objective may include but is not limited to: DHCP, IPsec, remote access

3.6. Understand TCP/IP
This objective may include but is not limited to: tools such as ping; tracert; pathping; Telnet; IPconfig; netstat, reserved address ranges for local use (including local loopback IP); protocols.

Sample Questions

Below are some examples of the types of multi-choice questions you may be asked to the exam.

Q1. Which IEEE standard relates to WLAN

   A. 1394
   B. 802.3
   C. 802.5
   D. 802.11

Q2. Which layer of the OSI Model do bridges work on?
   A. Layer 1
   B. Layer 2
   C. Layer 5
   D. Layer 7

Q3. You would like clients in one subnet to receive IP addresses from a DHCP server in a different subnet. What feature would the interconnecting router need to support?
   C. DNS
   D. None of the above

From an Academic POV…

This programme can be embedded into any IT curriculum starting from Level 2 provision, with particular links to the IT Professional certification track. Delivery styles will vary, but it is recommended that students really embrace the MTA curriculum and training providers use a good blend of hands-on resources and plenty of intense revision sessions. Typical delivery time is between 3-6 days, including exam.

As this is a Microsoft programme learners and training providers often find the MTA programmes are fun to teach and students who have a passion for Networking will fully benefit from its course content.

From an IT Professional POV…

If you are just starting your career in IT and have developed a keen interest in the Infrastructure track, then there is no better place to start building up your professional vendor portfolio than with the MTA Networking Fundamentals exam. As you can see from the certification path below the MTAs provide an excellent foundation to your future in IT. 

Other related MTA exams are 98-349 Windows Operating System Fundamentals; 98-365 Windows Server Administration Fundamentals and 98-367 Security Fundamentals.

MTA Benefits
  • A qualification that is sought after
  •  Helps towards MCTS/MCSA Level Certifications
  • Validates Fundamentals
  • Microsoft Certification on your CV!

Exam Details

Code:                        98-366
Duration:                    45 Minutes
No. of Questions:       35
Pass Mark:                 70% (25 Qs Correct)
Question Format:        Multi-Choice, Drag & Drop
Exam Vendors:           Certiport & Prometric

Considering attaining your MTA Certification?

Firebrand are one of the few IT Training companies in the UK who off the the full range of MTA certifications. To find out more about the courses offered, check the links below.

Author Bio
This article was written by Adrian Davies, Apprenticeship Development Manager at Firebrand Training. Adrian has been in the IT Training industry since 2001 and prior to Firebrand was the Curriculum Manager for Pearson PLC. 

Where to find the best IT internships


It’s tough to find a graduate job in IT at the moment. You’ve probably heard the usual spiel about hundreds of thousands of new grads flooding the job market, so Inspiring Interns are here to help you find the best IT internships available. An internship can help start your career by giving you necessary work experience and develop your technical skills in a professional setting, but before you even start the search you need to make sure you know what you’re looking for. So without further ado…

What kind of internship should you apply for?

Take some time to sit down and browse your CV. Ask yourself about your existing skillset, soft skills and technical skills, and think about the skills you would like to develop or learn about. It’s worth asking yourself the clich├ęd question, where would you like to be in five or ten years’ time? Laying out a potential career path and selecting the right internship at this stage in your career will set you in good stead to make the most of your internship and using it as a stepping stone towards your career.

Use a recruitment agency

As an internship recruitment agency, we’re bound to put this as the first option, but recruitment agencies can often hold the key to many opportunities you may not have been unable to find or hadn’t even considered. A good recruitment agency will be able to talk you through the state of the graduate job market, help you with your CV if necessary and hopefully land you an interview at a company you’re interested in interning with. Lots of graduates ask why companies bother with recruitment agencies? They save time for their clients (many smaller companies do not have HR departments) and are able to dedicate specialist knowledge and resources to finding the right person for their vacancy, so give them a go!

Search online

Your first stop online? Google. Try a selection of keywords and be specific with your searches – now that you know which skills you’d like to develop you can avoid the generic results for ‘IT internships’ and be precise; think ‘JavaScript internship London’, for example. You should also consider job sites like or job search engines like adzuna that will have hundreds of internship opportunities listed at any one time. 

Lastly, approach companies speculatively. Compile a list of companies you might be interested in interning with, find their HR/hiring manager’s name and email, and drop them a line asking about internship opportunities and stating why you think you would be a brilliant intern for their company. If you have already applied through the regular channels for a role, it does no harm to drop someone within the company an email to highlight your interest and express enthusiasm for a position.

Social media

It’s important that you take advantage of the plethora of possibilities that social media offers in your IT internship-hunt. As a potential IT intern and member of generation Y, you will be expected to be a digital native. Check out LinkedIn and Twitter and use these platforms to get in touch with HR/hiring managers. Make yourself searchable online – list your technical skills in your online profiles and mention the fact that you are looking for an internship. 

As mentioned above, follow up your application with a short message and don’t be anxious to ask about internship vacancies. You never know, you might be saving a company time and money by contacting the right person at the right time and find your perfect internship in the process! 

Author Bio:
This article was provided by Inspiring Interns.  Inspiring specialises in finding graduates internships in London and throughout the UK. Of the graduates they find internships, 66% earn themselves a permanent job with their host company.

Thursday, 25 July 2013

Last chance! TechNet subscription service shutting down


Microsoft is retiring its top software deals subscription. It was announced yesterday that in just 1 month it will shut down its TechNet subscriptions after the 15 year service. Microsoft has other, similar programs, but none as generous as TechNet.
The online Technet blogs and customer support forums will still be live, but a letter was sent to subscribers by Microsoft today announcing plans to retire the TechNet subscriptions service. New subscriptions will no longer be available after August 31, 2013, and the subscription service will shut down as current subscribers' contracts end.

From 1998, TechNet offered its subscriptions massive packets of CDs, and evolved into download options as broadband connections became common. The services have historically been one of the best deals around for IT professionals.

For an annual subscription fee of just a few hundred pounds, subscribers get the right to download virtually all of the desktop and server software Microsoft sells, with multiple product keys. The software itself is licensed for evaluation purposes only, that restriction however is part of the license agreement and is not enforced in the software itself.

The TechNet subscription was so popular because of this loophole; enthusiasts would use the platform to access cheap software then use the multiple product keys to activate rather than following the “evaluation only” rule.

This aspect was very popular in software piracy where subscribers would sell on the product keys with counterfeit software at “discount prices”. Despite Microsoft seeking to crack down on piracy through the platform in 2010 and 2012, you need only search Google or any ‘respecting’ torrent site to find these product keys in their thousands.

Last chance
Many have been left disappointed as a result of these changes. So with just 37 days to go, ensure you make the most of this offer for the final time by renewing or purchasing your subscription before the cut-off date - August 31, 2013.

More information on Subscriptions Retirement
You can check out Microsoft’s Subscriptions Retirement FAQ, with some of the main points below:

  • New subscribers have until August 31, 2013, to purchase an annual subscription.
  • Newly purchased subscriptions must be activated by September 30, 2013.
  • Current subscribers will continue to receive their benefits until their contract ends which for most retail purchases is limited to a year.
  • Existing subscribers with an end date before September 30, 2013, may renew for an additional year as long as they purchase prior to the August 31, 2013, cut-off.
  •  Subscribers with an active Microsoft Certified Training account will continue to access their program benefits until March 31, 2014.
  • MVP’s will still receive a free copy of Visual Studio Premium through an MSDN subscription.
  • The MSDN subscription will remain unchanged.

About the Author:
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry.

Wednesday, 17 July 2013

A guide to Microsoft's Enterprise Technology - Infographic


Microsoft have been creating and launching leading business and enterprise technology for more than 30 years. 

In response to Microsoft's release of new flagship products SQL Server 2014, Windows Server 2012 R2 and System Center 2012 R2, we decided to create a comprehensive guide to Microsoft's full range of technology. After pondering several formats and seeking out some crack designers we settled on an infographic as the best way to display the information.

Check out the graphic below and let us know your thoughts. If you want to see a super-size version you can also find it on our website

Copy and Paste the following to embed on your own site:

Hopefully once reading you will know about the full range of enterprise and business technology available from Microsoft. Whether it be email communication, project management, website development, customer relations management, security, live chat or data storage, management and insight (the list goes on) .....Microsoft have a product for you.

Special thanks goes to Ashley Petrons and Bill Farmer from Hutt River, who were integral in the design and launch of this graphic.

Author Bio: Edward is a member of the Marketing team focussing on Technical writing and Community Engagement for Firebrand. Working in the Industry for over 2 years, Edward has experience with Microsoft Technologies including SharePoint and Windows Server and Exchnage Server. Edward writes for a variety of Blogs and Publications on all things Technology

Friday, 12 July 2013

Guest Post - 5 reasons why keeping your IT skills current will keep you contracting


Employers look for both recognised, up-to-date qualifications as well as relevant experience from their contractors. However, as many successful contractors will vouch for, taking time off to get training or re-register their qualifications can be the last thing on their to-do list – especially when another contract calls.

Qualifications are becoming increasingly important in the contracting industry. Here are just 5 of the reasons why keeping your IT skills up-to-date is crucial to having a long-lasting contracting career:

1. Increase your potential earnings -  There is a vast discrepancy in the rates attainable for various types of work so whenever possible you should look into training in some of the more highly paid skills so you are able to earn your maximum daily rate. The cost of courses can sometimes be high, but the potential rewards can also be great

2. Open the door to new opportunities - The broader your skill set, the wider the variety of contracting opportunities that will be open to you. Be careful not to get pigeon-holed, if you happen to do a few more contracts of the same type then you might find yourself being limited to one speciality – however unintentionally that may be. Keeping up-to-date with qualifications will prove to employers that although the majority of your experience may have been concentrating on one skill, you are capable of taking on other types of contract roles.

3. Stay ahead of the competition - Unlike permanent employees, contractors are unlikely to receive on-the-job training. Contractors will often have been brought on board specifically because they already have a particular skill which the company needs, therefore are expected to know what they’re doing and add value from the get-go. Where on-the-job training is not available the responsibility ultimately lies with the individual contractor to ensure that they undertake the necessary training in order to keep up with the skills that permanent employees are gaining in the workplace.

4. Avoid early termination in the recruitment process - Employers will often now specify to recruiters that candidates must have the relevant qualification to be suitable for their role, as well as having had experience in the area. You may have had years of experience but if a qualification has been specified as essential, which you do not possess, then your CV won’t even make it past the first screening and you could be missing out on your perfect contract role to someone who has the desired qualification but only half the experience.

5. Keep up with the rate of change in technology - The consistently rapid development of existing technologies and the creation of new technologies mean that IT contractors’ skills, experience and knowledge need to be updated more frequently than perhaps contractors in other industries. This is where re-registration becomes vital; if your qualification is a few years old there may well be gaps in your knowledge. Not only this but re-registering also demonstrates to employers that you are truly committed to keeping your knowledge up to date.

It can be frustrating for experienced contractors who feel that qualifications are simply a badge; and equally for those who find it extremely difficult to get the time off to re-register their existing qualifications or train for a new skill. However, all things considered, if it means that your contracting career is longer and healthier, it could well be worth bumping it up your to-do list! 

For more hits and tips on contracting and how training can ensure you secure your ideal IT Contract job please visit Contractor UK

About the Author: 
Laura Foster writes for ContractorUK on various topical issues surrounding the IT contracting market including new and existing legislations, jobs, interviews, training, money and service providers.


Tuesday, 9 July 2013

President of EC-Council and creator of the CEH program honored by NSA Colloquium


EC-Council logo
President of EC-Council, Jay Bavisi, was awarded the National Security Agency Colloquium 2013 Award for Industry Leadership.

The award is given out to only the top leaders in Cyberspace who are recognised for outstanding leadership and accomplishment in the field of Cyber Security Education and influence.

EC-Council has worked hard to continue to add more value to their collection of powerful certifications and credentials. They have continued to work with Governments and education systems all around the world to show the need for Cyber Security Education and proactive security measures.

The award followed Jay Bavisi’s recent keynote at the NSA  Colloquium in Mobile titled "The Cyber Security Quagmire: Finding the Panacea". The keynote explained the information security industry’s successes, failures, and future. He also talked about outside the box solutions that the cyber security industry can implement as they learn from the pharmaceutical industry in their fight against diseases.

Watch the keynote here:

Congratulations Jay on this great achievement.

About the Author:
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry.

Monday, 1 July 2013

Get your boss to watch "A tale of two Guys"


We've commissioned a 3 minute film that explains why Firebrand are different from other training providers. We're confident that once you've watched our new video you'll never want to attend a traditional training course again. 

Of course your boss may still have a problem sending you to train with us - so get them to watch the video too.

In just three minutes you'll both know Firebrand deliver twice as much training as regular courses and that you'll take official exams at the end to prove what you've learnt. Much less hassle, time out of the office and cost overall.  

The film was made by Screen Glue and directed by James Tovell

About the Author:
Robert Chapman is CEO and co-founder of Firebrand Training. He has had a varied career covering hardware, software, services, from a management, sales and technical perspective.