If you have a passion for computing and have long held fascination with Cybersecurity, Cerco’s Cradle to Cyber presents the perfect pathway through training into employment.

With Cradle to Cyber we have designed a two year training programme that leads you through basic IT training, temporary employment, continuous learning (via the Fortinet Network Security Expert (NSE) Training and Certification programme) into permanent employment.

In this post we explore the first year of Cradle to Cyber.

FastTrack

Cerco’s long-standing practical training course, FastTrack, is your entry point to Cradle to Cyber.

FastTrack is an in-house, practical training course spanning five days. FastTrack is free to attend.

Among the areas that are covered are:

• Health and safety / electrostatic discharge
• PC hardware connections, memory and data storage
• The ROM BIOS & CMOS set-up
• Windows installation and configuration
• Command line
• Network Topology, Standards, Hubs, Switches and Routers
• Windows Networking, Domains and Configuration
• Wireless networking
• TCP / IP Networking
• Routing, DHCP, Connectivity
• Troubleshooting
• Logical fault finding/troubleshooting
• Printer installation in Windows

With FastTrack we have crafted a level of training that perfectly maps onto our client’s requirements for their Field Engineering requirements. Upon successful completion of the course we will aim to place you out to work on a temporary basis. This forms the perfect environment for continuous learning alongside your employment.

During your employment we will introduce you to the next phase of your training: Fortinet Certified Fundamentals.

Fortinet Certified Fundamentals (FCF)

Fortinet Certified Fundamentals is self-paced and platform agnostic.

The Fortinet Network Security Expert (NSE) Training and Certification programme is a globally renowned training programme that perfectly prepares you for developing a career in Cybersecurity. At each stage you will explore various aspects of Network Security which in turn helps you to identify the pathway that best suits your aspirations and skills.

Introduction to the Threat Landscape

The first module, Introduction to the Threat Landscape, is a core module and introduces you to a wealth of Cybersecurity terminology and considerations.

You begin your journey by understanding precisely what Cybersecurity is and the importance of protecting information, data and system access.

Throughout the introduction you will gain a firm understanding of Threat Actors, Attack Vectors and common vulnerabilities.

You will also gain an understanding of how Threat Intelligence plays a key role in identifying, solving and preventing future attacks.

The final phase of Introduction to the Threat Landscape deals with the increasing threat surrounding Social Engineering and the risk of Malware.

You will quickly understand that threats to corporate data are present everywhere and that human behaviour and vigilance are crucial to a sound security framework.

Technical Introduction to Cybersecurity

Following the Introduction to the Threat Landscape you will dive deep into the technicalities of Cybersecurity.

This is a self-paced course and covers some key areas, such as:

• Cryptography and the Public Key Infrastructure
• Components of a Secure Network
• Authentication and Access Control
• Secure Remote Access
• Endpoint Security

Cryptography is the practice and study of techniques for securing communication and data from adversaries.

You will develop an understanding of hashing, algorithms, ciphers, keys, signatures and Public Key Infrastructure.

Public Key Infrastructure is a framework that manages digital keys and certificates, providing a secure way to exchange information over insecure networks such as the Internet. PKI is built on asymmetric key cryptography and includes such things as certificate signing for use on a website.

Upon completion of Technical Introduction to Cybersecurity you will have a solid understanding of the practices employed to secure communications over public and private networks.

Fortinet Networking Fundamentals (FNF)

Fortinet Networking Fundamentals is a self-paced, platform agnostic course. Unlike FCF and FCA, this course is not certificated and does not form a part of the NSE programme. You will however receive a printable certificate to mark the course’s completion.

Throughout this course you will gain a firm knowledge of the essentials of network communication and a thorough understanding of computer networking.

Central to Fortinet Networking Fundamentals is the concept of the OSI (Open Systems Interconnection) Reference Model.

By understanding the OSI Model you will be able to identify each stage of data transfer as well as the construction of data packets and how they are managed.

Key modules within FNF that you will explore:

• OSI Reference Model
• LAN Basics
• TCP/IP Internet Layer
• Networking Devices (Bridges, Switches, Routers, Hubs etc)
• TCP/IP Suite
• VLAN Design
• Internetworking Fundamentals
• Virtualisation and Cloud

Regardless of the direction that you take in your Cybersecurity journey, FNF provides a strong, vital and platform agnostic foundation for understanding how information is constructed, delivered and managed across a wide range of network structures.

Fortinet Certified Associate (FCA)

Fortinet Certified Associate is a self-paced, certificated course that forms a crucial stage in the NSE programme by introducing you to Fortinet’s suite of security appliances including firewall, virtual private network (VPN), antivirus, intrusion prevention and web filtering. These security appliances are collectively referred to as FortiGate.

Fortigate 7.4 Operator

The concepts of configuration, policy and access are central to FortiGate. Upon successful completion of FCA you will have a broad understanding of the following disciplines:

• Configuring Interfaces and Routing
• Firewall Policies
• Authenticating Network Users
• Inspect SSL Traffic
• Blocking Malware
• Control Web Access Using Web Filtering
• Configuring the FortiGate Intrusion Prevention System (IPS)
• Controlling Applications Access
• Creating IPsec Virtual Private Networks
• Configuring FortiGate SSL VPN
• FortiGate System Maintenance and Monitoring
• Configuring the Fortinet Security Fabric

FortiGate appliances are available in various models to cater to different-sized organisations and network requirements, ranging from small businesses to large enterprises. The FortiGate platform is a key component of Fortinet’s broader security ecosystem, which includes other products and services aimed at providing comprehensive Cybersecurity solutions.

FortiGate devices act as firewalls, inspecting and controlling incoming and outgoing network traffic based on an organisation’s established security rules.

VPN functionality allows organisations to create secure connections over the internet, enabling remote users to connect to a central network, securely.

A key feature of FortiGate appliances is their ability to detect and prevent various types of network-based attacks through an Intrusion Prevention System (IPS).

IPS provides an additional layer of defence beyond traditional firewalls.

With its integrated Security Fabric, Fortinet’s wide range of products are able to work together and share threat intelligence to further enhance overall security.

On completion of Fortinet Certified Associate you will be in a fantastic position to explore a pathway into a specific Cybersecurity role with Fortinet Certified Professional. We will also look to provide you with a higher level of temporary employment. e.g. 2nd Line Support Technician.

In another blog post we will explore Fortinet Certified Professional in some more detail.

How much does Cradle to Cyber training cost?

Cerco FastTrack

Cerco’s FastTrack training is free to attend.

FastTrack is a 5-day course held at our training facility in Crewe, Cheshire. Although the course is free to attend you may need to consider accommodation and travel costs.

We can help you to identify a reasonably priced hotel. Parking at Cerco is free. Alternatively, we are situated a 10 minute walk from Crewe Train Station.

Fortinet NSE Training and Certification

The first stages of the Fortinet NSE Training and Certification programme are free to sit. All NSE training is self-paced and carried out online. Exams for Fortinet Certified Fundamentals and Fortinet Certified Associate are performed as part of the online training and are free to sit as many times as required.

Entry level SOC analyst wanted – minimum 5 years of experience required. Sound familiar? This all-too-common scenario is damaging to prospective candidates and recruitment teams alike and does nothing to help deal with the shortfall of required cyber security professionals in the U.K. If this issue is to be rectified, we need to reassess the way we recruit for these roles and change our thinking around what can offer the most value to a cyber security workforce.

The ever-broadening digital landscape has meant a rapid expansion in all areas of Cyber Security and as the demand for skilled professionals continues to surge, the value of experience cannot be denied. However, it’s essential to recognize that experience, while valuable, is not the sole determinant of success in this industry.

Experience undoubtedly brings a lot to the table, not least of all, demonstrable know-how in the relevant field. Yet, focusing solely on experience can inadvertently limit opportunities for growth, diversity and fresh perspectives, whilst creating a barrier that makes the industry impenetrable for all but a lucky few. Maybe it’s time to adopt a more well-rounded approach to recruitment, that considers more than just how long somebody has worked in their field.

Instead of offering a salary of £50k for a level 2 SOC Analyst, why not attach a more junior salary, whilst nurturing and developing fresh talent with the relevant qualifications and promote from within? That 6 months spent looking for a unicorn who could meet all of the criteria for a role, could have been spent giving someone their first months of experience and growing them into the best candidate for that role, who already works within the company ethos.

The IT and cybersecurity landscape is multifaceted, with a range of specializations, from network security to ethical hacking. Relying solely on experience will lead to a lack of exposure to emerging trends, training and technologies. Combining experienced professionals with those who bring diverse skills and backgrounds can foster greater innovation and creativity within teams.

Professionals who demonstrate a thirst for continuous learning and a willingness to adapt can often bring fresh insights to complex problems. A newcomer with a solid foundation and a passion for staying current can contribute just as much as someone with years of experience. Soft skills are also not a given when it comes to experience and whilst technical proficiency is crucial, problem-solving abilities, effective communication, teamwork, and adaptability are equally important.

Another drawback of relying solely on experience when considering hiring needs is that it could well inadvertently perpetuate a lack of diversity within the sector. Embracing candidates from different backgrounds and experiences can lead to a more inclusive work environment and a broader range of perspectives, ultimately allowing for forward movement and enhancing innovation.

Experience is undoubtedly a valuable asset when considering recruitment needs, however, it’s crucial to recognize that it’s not the sole indicator of potential success. A blend of diverse skills, a commitment to continuous learning and a focus on problem-solving and soft skills can lead to well-rounded teams that thrive in the ever-evolving Cybersecurity field. By embracing a more holistic approach to hiring, both employers and job seekers can navigate the opportunities in these sectors with confidence that they are futureproofing against the very real cyber threat.