NEW REPORT OUT NOW
IBM Security Services (ANZ) Business Unit Executive, Glen Gooding discusses the investment in human capital needed to overcome the growing threat posed by hackers and data breaches.
Hackers are on the loose. They are armed and they are dangerous. Every day, more of the devices and items around us are becoming digitalised and interconnected through the Internet of Things – all with the potential to be hacked.
The digital age has made it clear that cyber security is more important than ever – a point reinforced recently by the Ponemon Institution’s 2017 Cost of Data Breach study. This annual report highlights the costs associated with data breaches globally. Commissioned by IBM Security, the report found the average cost of a data breach in Australia was $2.51 million.
Somewhat more disconcerting is that the report showed cyber threats are not diminishing. If anything, the threat is growing greater.
So, is Australia ready to fight the cyber battle?
For me and my colleagues in IBM’s security business, our country is at a turning point in our history. Investment in cyber security is crucial to Australia’s economic future. This investment needs to be not only financial, but also in human capital in ways that have previously been unexplored. The Australian Federal Government recently outlined in its first annual update, Australia’s Cyber Security Strategy, that cyber skills development is a key priority.
IBM’s Global Executive Security Adviser, Diana Kelley put it well, saying: “There is a looming job shortage in the security industry.
“Unfortunately, what could be a great career opportunity for thousands of individuals to join us in the fight against cyber crime is turning into one of the biggest challenges facing the cyber security industry: a massive workforce shortage that is projected to reach nearly two million unfilled cyber security positions within the next five years.”
With the alarming shortage that’s apparent now, we cannot afford to continue to focus on traditional recruitment methods, education models, and old world hiring practices for IT security roles. We need to think differently and break the code of traditional hiring practices.
The focus of cyber security hiring needs to be on skills that have been developed in non-traditional ways. What’s true is that many of the best and brightest working in security today didn’t come into the field with a four-year technical degree. Yet, job descriptions – and hiring managers – continue to seek and define roles based on degrees rather than skills, experience and aptitudes.
A “new collar” approach could be the key to solving this issue. This would involve shifting the focus away from traditional learning pathways and taking advantage of other education methods. This can be skills and knowledge learned on the job, or through other means of hands-on engagement – internships, apprenticeships, certification programs, or even skills that are self-taught or developed alongside peers.
A greater value needs to be placed on traits such as aptitude, adaptability and quick learning – traits that are crucial to success in this field. This could be the solution both government and industry are searching for, opening the doors for greater opportunities to work in this dynamic, exciting and essential field.
For example, the security professional who thinks like the bad guys, and therefore can penetrate corporate systems to find security vulnerabilities, is the foundation of what the new collar job is all about. A role where natural curiosity, problem solving, creativity and determination are key, all underpinned by skills learnt and honed outside our traditional educational practices.
This is just one of the many opportunities on the horizon in the digital age. Cyber security is poised to become one of the pillars supporting any successful business or government. Both government and business need to join the cause, arming themselves in preparation for an attack they may not see coming.
The only way forward is to lay the foundation for these skills to thrive, by supporting tertiary education programs, driving awareness and establishing pathways such as internships and apprenticeships.
Governments and industry need the skills of tomorrow, today, to succeed both now and in the future. The battle has begun, are you ready?
Read more about IBM’s cyber security technology here.
The Optus data breach and Australia’s recent lacklustre cyber security placing of 31 (out of 63 countries) in the latest World Digital Competitiveness Ranking (WDCR), highlights that we cannot afford to be complacent about cyber security. Aided by cyber hack toolkits obtained from the dark web, there is a rising tide of bad actors who constantly re-invent ways to obtain corporate, industrial and government data, which is then sold on the dark web and used to commit further crimes, writes David Tuffley, Senior Lecturer in Applied Ethics and CyberSecurity at Griffith University's School of Information & Communication Technology.
Read more Opinion article October 19, 2016Steve Ingram examines the rising capabilities and evolution of cyber criminals and their operations and explains that to combat these cyber criminals, Australian businesses of all sizes and government must work together.
Read more