IEEE experts shares key insights on Expanding and Diversifying the Cybersecurity Talent Pool Through Engagement
With the advancement of technology, Cybersecurity has become a complex security challenge in the present times. As the dependence on Information and Communications Technology is deepening, cyberthreats are penetrating every nook and corner of various businesses targeting individuals, businesses, and governments. Two-thirds of Indian organizations believe they have a proactive capability when it comes to cyber security: the largest percentage of any country. Furthermore, 60% of employees agreed that their organization struggles to recruit people with cybersecurity skills whereas 27% employees believed that the number of external security partners their company use will increase significantly in the next 1 year.
2021 has already proven to be one of the worst ever recorded years for ransomware, with a number of high-profile attacks targeting enterprises and critical infrastructure alike. Many in the industry – and the media – believe that things are destined to continue to get worse until there are extradition laws enacted, cyber norms solidified, better products made available and a slew of other dues ex machine solutions. However, modern cybercrime and advanced persistent threats require a multi-generational approach – not a silver bullet.
In turn, this requires that more people recognize that this is a problem that they can help solve.
The most significant challenge today in cybersecurity workforce development is visibility. Young people choose careers that they see in their communities and that they can see themselves working in.
The Covid-19 pandemic has exacerbated a major talent shortage in the cybersecurity space, according to a report by professional recruitment services firm Michael Page India titled ‘The Humans of Cybersecurity.’ The report suggested that the cybersecurity field is currently experiencing a 43 percent talent shortage with skills such as Application Development Security, Cloud Security Risk Management, Threat Intelligence, Data Privacy and Security being high on priority in the Asia Pacific region. Considering the sudden rise in cybercrime amidst the pandemic, 95 percent of businesses in APAC do not have adequate cybersecurity mechanisms which makes them prone to frequent attacks. To cater to this problem, here are several potential realistic options to make cybersecurity jobs visible to young people.
Engaging Potential Cyber Talent Directly
If enough cybersecurity practitioners engage directly with their communities, they can help ensure that the school will have a topical and engaging school assembly on careers in cybersecurity. For example, high school students considering their career options might be very interested to learn that there were nearly half a million entry-level cybersecurity jobs open at the end of August 2021 in the United States. On the other hand, taking about India, among the population of approximately 1.34 billion people, the country demanded 1 million cybersecurity professionals by 2020 to meet the demands of its rapidly growing economy as per a NASSCOM report.
The pandemic and working from home has shown us that schools are critical infrastructure. Unfortunately, there is no generally agreed-upon standard of due care for cybersecurity at schools; this became abundantly clear during the substantial volume of ransomware attacks on schools as they prepared to start the 2020/2021 school year. With limited budgets, outdated technologies and ad-hoc incident response capabilities, schools remain a compelling target for criminal threat actors. Community members with a background in cybersecurity can help schools build resiliency by volunteering.
Similarly, volunteering at a local organization that serves the needs of middle or high-school students through afterschool programs is one of the best ways to connect with potential cybersecurity talent directly. The intent is the same – to increase visibility so that young people know that cybersecurity careers exist. By giving an interesting presentation on cybersecurity to small groups of students, individual practitioners can help young people learn about the team-oriented nature of cybersecurity jobs. Some afterschool organizations also provide the opportunity to mentor young people and provide career guidance.
Choosing to not engage young people about cybersecurity careers is choosing the status quo – a continued year-over-year increase in the number of data breaches annually and a related increase in year-over-year average financial damages caused by said breaches. This unsustainable harm can be stopped by the collective efforts of individual cybersecurity professionals working to make our jobs visible and appealing to potential future colleagues.