- Jo Faragher
We as consumers will be even more connected via our smart watches, home heating gadgets and who knows what else, while huge volumes of data are shared around – perfect bait for hackers or activists.
It’s no surprise then that more than three-quarters of chief information officers believe that we could face more security threats over the next five years due to a shortage of IT security talent. A survey by Robert Half Technology, the IT recruiter, reveals that their main concerns are data abuse, cybercrime, and the rise of spyware and ransomware. More than a third want to increase headcount, but are struggling to find enough people with the right skills.
One of the biggest hurdles to finding the right people, according to director Neil Owen, is sourcing specialists who can talk about security to people in the business who aren’t experts, and who can articulate the risk. Despite high profile ‘hacks’ such as the one on extramarital affairs site Ashley Madison or Talk Talk, companies that rely on tech and who need to keep their data safe still struggle to attract and retain good security specialists.
BT has responded to this challenge by launching a major recruitment drive, with the aim of hiring 900 people to work in its security business between now and next year – and of that intake, almost 200 will be graduates and apprentices, rather than experienced specialists. Candidates take part in cyber-security challenges including simulations of attacks to gauge their skills. The idea is to train the ‘next generation of experts’, rather than pinning all its hopes on finding the right number of people that can hit the ground running.
The Ministry of Defence has a similar approach to recruitment, including the ‘Joint Cyber Reserve’, which is a chance to learn specialist security skills and undergo cyber ‘missions’ in the same way traditional army reservists have regular weekend operations.
Not all employers will have the resources or the brand to launch grand-scale recruitment campaigns like this, but there are aspects of them they can learn from. Can they ‘grow their own’ cyber-skills, for example through apprenticeships? Is it possible to bring specialists in on a more flexible basis, rather than insisting on finding someone who can commit full-time, permanently, to the role?
However they achieve it, it’s an area of recruitment that’s only going to grow, and the war for security talent is only going to become more competitive.