How Will COVID-19 Impact Security Talent?

Martin Mendelsohn

New Security Talent

As we emerge from the era of COVID-19, unemployment will recede, and new jobs will be created more rapidly than jobs were lost between March and May of this year. We’re already seeing a plethora of new jobs come online, though many of these positions are quite specific and niche-oriented with a focus on IT and cybersecurity — and will grow in demand due to a national (US) skills shortage. This skills shortage has been driven by a paucity of university educational programs, lack of investment in cyber range training and simulation, and few incubators/accelerators focusing on threat prevention, preclusion, exclusion, and mitigation.

Demand for Cyber and IT Security specialists is rising, supply of qualified candidates is stagnant, and salaries are increasing while threats increase concurrently, both in supply and complexity.  What are the implications for industry leaders, and how will this situation impact the employment front?  We should also consider how this can be leveraged for professional opportunity and gain,  and how C-Suite executives should aim to develop, promote and train future IT and cybersecurity leaders in an age of budget cutting, cost constraint, and protracted uncertainty.

Implications for Industry Leaders

Most if not all senior IT security executives agree that we will see an increase in cyber-threats – – breaches, hacking, phishing, theft, and outright extortion – as more businesses move to the cloud, a shift that COVID-19 has accelerated.

Ransomware has become one of the most lucrative and profitable industries of late, as costs are expected to reach $20 billion by 2021, according to DataCore. The latest high-profile ransomware heist occurred in May, when hackers were successful in penetrating a well-known New York law firm’s database, purloining the firm’s celebrity client proprietary correspondence, contracts, and litigation.  The invoice extended by the hacker group was $42m before the matter was squelched by the Department of Justice and law firm in late-May.

This threat and others are leading organizations to search for positions like IT Security Engineers and Network and Application Security specialists. Also, the demand for domain specialists with battle scars and industry expertise is growing every day.

How Can The C-Suite Support Cybersecurity Talent

Senior leadership can explore creative ways to provide IT, cybersecurity, and engineering employees with simulated training environments. Consider Cyberbit and Checkpoint, who are providing real-time, live training at cyber ranges.

Cyber range trainers are in demand, as range training customers now span entities like state governments and large, global corporations.

Once certified by the cyber range, executives should assess the value of more formal and widely accepted cyber security certifications, which employers seek out when interviewing prospective candidates.  These certifications include: Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), and Certified Information Systems Security Professional (CISSP).  Each of these designations will add up to additional compensation for top candidates in the market and will prepare security professionals to handle increasingly advanced threats from rogue agents and quasi-government actors.

COVID-19 has caused disruption to so many aspects of commerce and life, leaving several industry sectors to continue to burgeon in 2020, including e-commerce, telemedicine and related healthcare services, and remote work. These verticals and others are incredibly vulnerable to cyber breaches, and the bad guys have embraced this development faster than quantum traders. IT security, network engineering and network security jobs are proliferating with e-commerce (payment services) providers, healthcare providers, and video conferencing technology like Zoom, Webex and RingCentral.

Two years ago, Microsoft announced plans to spend $5B on securing connected solutions (including IoT devices), a significant amount of which is being allocated to secure solutions for video technology delivered to smartphones, tablets and other connected residential and industrial devices.  This will directly contribute to employment opportunities with technology services providers investing in and deploying cloud driven, connectivity solutions.  The net net here is very simple: threats to our data and networks are increasing, rogue agents and governments are often catalysts for pernicious activity, and corporate (and government) budgets will react accordingly, by investing in professionals who can help ensure the security and safety of our data, servers, networks, and even lives.

By Martin Mendelsohn

Patrick Joggerst

Payments Companies Will Always See ROI on Embedded Real Time Communications

ROI on Embedded Real Time Communications Without secure, real time communications applications, the financial services industry could literally come to a standstill. While transactions are ...
David Shearer

Looking Back – and Looking Forward to 2020

As we celebrate our thirtieth anniversary here at (ISC)², it’s incredible to look back at the changes our industry has been through. From advances in ...
Patrick Joggerst

Living on the Edge: The New Real-Time Communications Security Risks

Real-time communications Security Risks As more and more people have been forced to work remotely due to the global public health crisis, collaboration platforms have ...
Darach Beirne

Raising the Bar for Business Communications with Deep Customization of WebRTC

Business Communications and WebRTC By Darach Beirne, Vice President of Customer Success at Flowroute, now part of Intrado, and Julien Chavanton, Voice Platform Architecture Lead ...
Kyle Bernard Author

FlightHub and JustFly on Facial Recognition Technology, Travel and Privacy

Facial Recognition Technology For years facial recognition technology only existed in science books, television and cinema. The idea was brilliant. However, real-world technology hadn’t yet ...
Ajay

Explainable Intelligence Part 3 – The Strategy for XAI

The Strategy for XAI It is not enough to say that something is true just because 'I know it’s true!' – we have to have ...
The Manuscript.png