Information Security

Defending the digital infrastructure

maxoidos - Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Cybersecurity skills shortage? Hackers wanted

The problem-solving skills that many enterprises need to counter threats are hard to identity, let alone multiply.

It’s critical that we see more InfoSec training to address the cyberskills gap, and we need higher adoption of those career skills across the IT workforce. Yet, that isn’t happening fast enough, and the question is: Why hasn't the "technology generation" signed up for the InfoSec challenge?

People under 35 have grown up in a digital world and find most of what they need (quickly) on the Internet. And they expect it to be available for use at little-to-no cost (open source). InfoSec may be a hard sell to individuals who conduct their lives online and, for the most part, don’t worry about it that much.

Research indicates that Millennials have shown interest in computer science and technology careers.  One in four of the 1,000 U.S. adults (aged 18 to 26) polled in a 2014 Raytheon-NCSA survey said they wanted to become cybersecurity professionals. The problem? Researchers also found: "Millennials are interested but unprepared to enter the cybersecurity profession, uncertain about the responsibilities of someone in this job and lack mentors to help bridge the gap."

The bar has also been raised by advanced threats that require knowledge and analytical skills far beyond conventional IT security. A KMPG study of organizations in the U.K. in October showed that upwards of 50% of companies would be willing to have their security teams interact with a hacker or hire someone with a criminal record to address their skills shortage. Can hacking and the problem-solving skills that go with it be taught or credentialed? Or is it a matter of finding talented people (from Red Alert countries), who know how to get access to unauthorized data and can help to protect it? In this issue of Information Security magazine, we dig deeper into the global hiring crisis and look for answers.

In our cover story this month, industry veteran Michael Cobb looks at business and technical controls that can help expand identity and access management programs to non-employees, so you don’t lose sleep over orphaned accounts and subcontractors with elevated privileges.  

As mobile-first strategies gain wider adoption, many CIOs are also recognizing that while mobile device management and security technologies play a role, coherent policies are the key to harnessing the benefits of the BYOD phenomenon. Technology journalist Alan Earls reports on BYOD policies that work for users and security.

Finally, if you like being an InfoSec professional, spread the word to a few Millennials.

Kathleen Richards is the features editor of Information Security magazine. Follow her on Twitter: @RichardsKath.

Article 5 of 7
This was last published in August 2015

Dig Deeper on Information security certifications, training and jobs

Join the conversation

4 comments

Send me notifications when other members comment.

Please create a username to comment.

What strategies has your company used to prepare Millennials to enter the cybersecurity profession?
Cancel
Nicely written article, totally agree with the writer's point of view. hackerinthegrey(at)gmail.com is the guy you want whenever you need a hacker...top-notch professionalism combined with a reputation for utmost secrecy and discretion makes him a quality choice...you won't be disappointed!
Cancel
This, like many business processes, boils down to common sense. If you want to test the security of your infrastructure, then hire someone who is skilled enough to break through your walls. I've always wondered why the process shown in crime movies isn't used more often. Hire a professional thief as your security manager. He or she will know the best ways to thwart your systems and therefore protect them better. 
Cancel
Thanks for your comments. Other option to consider is certified ethical hackers. You can learn more about it at EC-Council.org.
Cancel

Get More Information Security

Access to all of our back issues View All

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close