08.02.26

Real-World Ready: Training the Next Generation of Cybersecurity and Intelligence Pros

Investigations, intelligence and cybersecurity are each their own niche, and the three overlap. While skillsets in one may seem arcane to an observer from another, there are a few shared skills that everyone in the space can and should know, or at least be familiar with, to enhance their investigative capabilities. These skills are especially critical as LLMs are increasingly poised to automate the repetitive, simple tasks that often make up the bulk of the labor of a given investigation.

The first skill is networking. You may immediately think of someone developing connections at a conference or dinner party, and that certainly is important as well. What we’re really referring to is computer networking. Computer networking is what enables the internet as we know it to exist, and is arguably the least understood but most used system in place today for most investigators and analysts. Those in cybersecurity should have a solid understanding of networking, but the breadth of cybersecurity means that many specialize in other fields, such as malware analysis, threat intelligence or beyond, without having a full understanding of networking.

Many intelligence analysts and investigators have only a cursory knowledge of the protocols that undergird our modern connectivity, despite quite literally relying on the internet for most of their professional needs. Better understanding networking is critical for multiple reasons: understanding how the internet works empowers analysts to investigate cybercrime of almost any kind more effectively, to better understand how domains work and how to investigate them, and to improve their operational security, create avatars and more.

The next skill is the ability to work in foreign languages. This does not necessarily mean speaking one or learning one to a degree of fluency - although that’s always great if you can - but rather knowing how to work in one that you don’t speak. Knowing which machine translation tools exist, from Google Translate to DeepL and beyond, how to translate full files, how to use OCR (optical character recognition) to extract text from images and more will be increasingly important. LLMs have a role to play here as well. The language barrier can be overcome to a degree with a bit of work, which is critical when investigating foreign cybercriminals, gathering data abroad and beyond.


Writing is another critical skill. The specter, or opportunity, of LLMs doing our writing for us seems more tangible than ever. However, there’s a downside to outsourcing your writing. Writing reports isn’t just a timesink but also where much of the critical analysis happens in a case. The act of writing ourselves not only makes us better at writing, but helps to organize our process and thoughts. One could compare the act of writing up a report to the proverbial “sleeping on it”. Giving the report the effort it deserves in writing it out often leads to new investigative findings, leads and analysis. Lastly, LLMs can only work with what you give them. The better you structure and write your report, the easier it’ll be for an LLM to tighten it up.

The final skill is making AI work for you. Learn more about this skill here.
