Hiring “new collar” staff could be your best defence against a devastating breach
If you think cybersecurity risks are just for other companies, recent ransomware attacks on businesses across the world should be a wake-up call.
But taking steps to secure your company’s networks and systems might prove a challenge, due to a severe shortage of cybersecurity professionals.
Amid a rising demand for experienced tech experts who can keep up with evolving technologies and the threat landscape, it’s estimated that there’ll be a 1.8 million shortfall in the profession by 2022.
IBM Canada is endeavoring to find and upskill more cybersecurity personnel to work with its clients – and it’s urging recruiters at other companies to take a similar “new collar” approach when it comes to hiring those workers.
“Not every cybersecurity job requires the traditional four-year university degree, and that is typically where companies – including IBM – typically look for resources,” says Heather Ricciuto, an IBM Security transformation and academic outreach leader.
“There are jobs that can be done by people with maybe a two-year college certificate, or people coming out of veterans’ programs, people re-entering the workforce that have hands-on skills and have the aptitude, but not necessarily that four-year degree.”
IBM has established programs to cast a wider net for such talent, including creating partnerships with schools, reaching out to veterans, and sponsoring cybersecurity competitions.
Those “new collar” roles include test engineers, software developers, penetration testers, security operations centre analysts and technical writers.
“When it comes to new collar, it’s about the skills and aptitude and the desire to learn, and that’s what recruiters need to be looking at.”
As the role of human resources becomes more strategy-driven, HR professionals should also be looking beyond the threats they face today to what their cybersecurity needs will be in future, and considering what roles could be rejigged to be filled by different skill sets.
“It’s not a matter of if you’re going to be attacked, it’s when. You really can’t just put your head in the sand and think ‘it’s never going to happen to me or my company’, because everybody’s at risk.”
Related stories:
Why HR is critical in cybersecurity
Would your staff sell private information?
But taking steps to secure your company’s networks and systems might prove a challenge, due to a severe shortage of cybersecurity professionals.
Amid a rising demand for experienced tech experts who can keep up with evolving technologies and the threat landscape, it’s estimated that there’ll be a 1.8 million shortfall in the profession by 2022.
IBM Canada is endeavoring to find and upskill more cybersecurity personnel to work with its clients – and it’s urging recruiters at other companies to take a similar “new collar” approach when it comes to hiring those workers.
“Not every cybersecurity job requires the traditional four-year university degree, and that is typically where companies – including IBM – typically look for resources,” says Heather Ricciuto, an IBM Security transformation and academic outreach leader.
“There are jobs that can be done by people with maybe a two-year college certificate, or people coming out of veterans’ programs, people re-entering the workforce that have hands-on skills and have the aptitude, but not necessarily that four-year degree.”
IBM has established programs to cast a wider net for such talent, including creating partnerships with schools, reaching out to veterans, and sponsoring cybersecurity competitions.
Those “new collar” roles include test engineers, software developers, penetration testers, security operations centre analysts and technical writers.
“When it comes to new collar, it’s about the skills and aptitude and the desire to learn, and that’s what recruiters need to be looking at.”
As the role of human resources becomes more strategy-driven, HR professionals should also be looking beyond the threats they face today to what their cybersecurity needs will be in future, and considering what roles could be rejigged to be filled by different skill sets.
“It’s not a matter of if you’re going to be attacked, it’s when. You really can’t just put your head in the sand and think ‘it’s never going to happen to me or my company’, because everybody’s at risk.”
Related stories:
Why HR is critical in cybersecurity
Would your staff sell private information?