11th October, 2023
Article by Paul C Dwyer, President of the ICTTF International Cyber Threat Task Force, created for Technology Ireland ICT Skillnet as part of the European Cybersecurity Month
The digital age has birthed boundless opportunities. From the manner in which we communicate to the way we conduct business, the digitisation of our world has both eased and complicated our way of life. As our reliance on technology grows, so too does the number of cyber threats we face. The European cyber landscape today grapples with a colossal challenge: a pronounced cyber security skills gap. While it may be tempting to imagine cybersecurity as an elite tech fortress, reserved for only the most technologically savvy among us, this perception could not be further from the truth.
Dispelling Misperceptions
Firstly, the realm of cybersecurity is often enshrouded in myths. Many believe it’s a playground exclusively for the tech-savvy elite. However, in reality, this sector is a rich tapestry of diverse skills, backgrounds, and experiences. Like any other profession, its strength lies in its diversity. It’s not just about understanding code but about strategy, governance, communication, law and even psychology.
Every individual, regardless of their background, can contribute a unique perspective to address multifaceted cyber threats. This is a meritocracy, where you’re measured not by your lineage, but by your expertise and contributions.
Broadening the Talent Horizon
The nebulous nature of job descriptions in cybersecurity can deter potential talent. Ask someone to describe a cybersecurity expert, and the most likely image conjured is that of a hoodie-wearing hacker. But the industry is much more expansive. There are roles in policy formulation, risk assessment, communication, education, and more.
Moreover, industry-recognised micro-credentials, like the CCRO (Certified Cyber Risk Officer) from the ICTTF, exemplify the evolving nature of cyber education. Unlike many academic degrees, which may struggle to stay updated with the rapidly changing cyber landscape, these credentials are agile, focused, and industry-relevant. They show that the candidate is not only informed but is also aligned with the industry’s present needs.
Business leaders across Europe need to appreciate this broad horizon and invest in capturing and nurturing this talent. They must recognise the allure of a cybersecurity career, not as a niche profession but as a dynamic field with roles for people from all walks of life. The EU Strategy is delivering a secure digital economy and this is being supported by an incredible amount of legislative instruments including but not limited to the DORA Digital Operational Resilience Act and NIS 2 Directive.
Change brings opportunity, and innovation requires cyber risk management to be successful. Are you ready, are your people ready, is your business ready?
Nurturing and Retaining Talent
With the increasing sophistication of cyber threats, the environment in which our cybersecurity professionals work is undoubtedly high-octane. As a result, stress levels can be high, and professional burnout is not uncommon. Attrition rates in the industry soar, and replacing seasoned professionals is no small task. ”Today we have the technology and ability to build a human and it takes 9 months, to build a CISO it takes us 20 years!”
It’s imperative for industry leaders to understand the importance of not just attracting, but retaining talent. Continuous training, mentorship, and an emphasis on work-life balance are essential. Establishing support structures within organisations can help reduce the burnout rates. This could include mentorship programmes, continuous learning opportunities, or even just fostering a culture that values mental health.
Moreover, acknowledging and rewarding the skills and competencies gained through industry-recognised credentials, like the Certified Cyber Risk Specialist, is essential. These credentials often represent practical, hands-on experience that is immediately applicable in the real world, rather than theoretical knowledge that might become obsolete before it’s even applied.
For Europe to defend its digital frontier, it must not only fill the current skills gap but also anticipate future needs. Investing in education initiatives, like the online academy offered by the likes of the EU Cyber Academy, is key. The industry is not just about coding and hacking but understanding the bigger picture, the business implications, and most importantly, the human element of cybersecurity.
Conclusion
The threat of the cybersecurity skills gap is real, but it’s not insurmountable. By dispelling misperceptions, broadening our understanding of what constitutes a cybersecurity professional, and nurturing and retaining talent, we can build a robust, resilient, and diverse cybersecurity workforce fit for the challenges of the digital age. The onus is on European business leaders to recognise and act upon these imperatives, ensuring a safer digital future for all.
About the Author
Paul C Dwyer, President of ICTTF International Cyber Threat Task Force, is a globally recognised expert in cybersecurity. Through initiatives like the ICTTF, he strives to bridge the skills gap, ensuring a cyber-resilient future for Europe.
Tackle cyber threats with confidence
Cybersecurity skills are continually in high demand and cybersecurity specialists are needed now more than ever.