Skip to main content

President, IBM Canada

A recent surge in major cyberbreaches around the globe reveals cybersecurity threats are growing in both volume and sophistication, leaving potential victims scrambling to find ways to properly protect themselves and their data.

While arming your company with the best security software is a good start, it's not enough. Cybercriminals are becoming increasingly savvy and businesses are falling short on adequately staffing their security teams to defend themselves against these hackers.

Story continues below advertisement

Demand for skilled security professionals is one of the biggest challenges facing the industry today, and it's only expected to grow; experts predict a shortage of 1.5 million open and unfilled security positions by 2020. This gap is further exasperated by a lack of the right skills needed to meet the modern security landscape. In the face of increasing threats, this is a shortage the industry simply cannot afford.

One of the biggest hurdles behind the skills shortage is one that companies are creating for themselves – relying on outdated recruitment models and job descriptions to rapidly fill evolving security roles. At IBM, we advocate for a new-collar approach to hiring cybersecurity professionals, focusing on skills, experience and aptitude versus degrees alone. This approach has helped fill seats on the other end of the wire with qualified candidates, and we encourage the industry to evolve their talent acquisition strategy to do the same.

Here are some tips for doing just that:

Redefine hiring models

Work with internal teams and hiring managers to document the attributes and skills that are essential for your organization today and in the future. When doing so, consider positions that could be filled with non-traditional candidates or define new ones. For example, a Security Operations Centre (SOC) Analyst: he or she reports on security incidents, assists with the response and co-ordinates threat intelligence sharing across the SOC. This individual needs to be a multi-tasker with strong communication skills – capabilities acquired through experience, not just a four-year university degree.

Expand where you recruit

Encourage the recruitment team to expand their talent search into community colleges, private technical schools, and other educational programs, as a growing number of these institutions are offering cybersecurity programs yet remain untapped by employers. Build awareness of cybersecurity as a profession and your organization as an employer of such occupations by offering learning sessions and demonstrations.

Story continues below advertisement

Create new partnerships

Reach out to government organizations, educational institutions and academic programs in your region. By partnering with business leaders, many Canadian universities are making great strides in driving innovation that equips new graduates with the skills required to thrive in Canada's evolving workforce. An example of this is IBM's partnership with the University of New Brunswick, which has resulted in a security intelligence platform that was the catalyst for the creation of a global security division in Fredericton that supports more than 5,000 customers worldwide. A highly skilled professional local workforce has been critical to New Brunswick's growing reputation as a global cybersecurity hub. Increased investment and collaboration between academia and business, along with other ecosystem partners in both the public and private sectors, will grow opportunities for a new collar workforce.

Develop robust support programs for new hires

Considering the shortage of skilled cybersecurity professionals, it's important to retain new hires by supporting and engaging them as soon as they join the team. Beyond a comprehensive on-boarding program, employers should offer mentorships, rotational assignments and opportunities to shadow more experienced colleagues. Additionally, allow employees to work on a variety of projects and to explore new technologies – not only will this help the employee with professional development, but it makes him or her feel valued and provides the team with a fresh perspective.

Help employees build and refine skills

Cybersecurity is a highly dynamic field, which requires a constant refreshing of skills. Provide employees with opportunities to stay current by encouraging them to enroll in classes and conferences and pursue certifications. Also, do what you can to support existing employees from other functions who are interested in moving into cybersecurity as a new career; they too should have the opportunity to build and refine their skills in the space.

Story continues below advertisement

Executives, educators and human resources experts contribute to the ongoing Leadership Lab series.

‘Frankly I like to surround myself with introverts that help me but they modulate my behaviour.’ Special to Globe and Mail Update
Report an error Editorial code of conduct
Comments

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • All comments will be reviewed by one or more moderators before being posted to the site. This should only take a few moments.
  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed. Commenters who repeatedly violate community guidelines may be suspended, causing them to temporarily lose their ability to engage with comments.

Read our community guidelines here

Discussion loading ...

Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.
Cannabis pro newsletter