According to the Global Information Security Workforce study carried out by the Centre for Cybersecurity and Education, 1.8 million cybersecurity jobs in North America will not be filled by 2022 due to a lack of qualified staff. This means, among other things, that many of the security threats to our data will not be able to be addressed. And bearing in mind that in 2020 the amount of data will double every 12 hours, we have a big problem on our hands.
There is an urgent need for cybersecurity professionals, as Donald Trump has already stated in this order, not only to identify and resolve security incidents, but also to anticipate and combat them. In order to do this, they need to be prepared and they need resources. Universities make enormous efforts to offer specialised courses, but few adjust to the reality of constant change.
Catenon collaborates in the first Degree in Cybersecurity in Spain developed by the Universidad Francisco de Vitoria together with Indra, which is due to start next year.
You don’t learn everything at University
According to recent studies, more than 80% of “ethical hackers” are self-taught and at least 87% of cybersecurity workers did not start off their careers in cybersecurity. In fact, 33% of them have not studied technical degrees. But technological advances also come hand in hand with new cyber attacks, which are increasingly sophisticated and have increasing implications in all areas of organisations. Knowledge is demanded in the areas of architectures, administration and the management of operational systems, networks, virtualisation software… but also in GDPR, Artificial Intelligence, Cloud Security, Blockchain, and IoT. And all of this is demanding advances in the education system.
What are the most demanded soft skills in these profiles?
Contrary to what you might think, soft skills are just as important as technical skills and can make a candidate stand out among others.
- Communication and collaboration with all areas of the organisation to serve as a bridge between equipment needs and potential safety risks.
- Understanding human behaviour: in addition to data engineering, social engineering is also required. Being able to put yourself in the shoes of the hacker, and also the employees, in order to be prepared for external threats and internal vulnerabilities. This is a widespread problem within the cybersecurity community. All kinds of hardware and software security measures can be implemented, but hackers can use social engineering mechanisms to convince unsuspecting employees to facilitate access to systems.
- Research, reporting and documentation: everything needs to be documented (security plans, policies, user guides, communication plans, etc.).
- Ability to adapt and learn: given the continuous changes, they must be able to offer increasingly creative solutions to repel cyber attacks.
- Analytical thinking: they must be able to connect seemingly disparate points or alerts to the potential threats that may be faced in the future.
Cybersecurity is an area that will continue to be one of the most important for companies, organisations and governments. It will continue to evolve as technology advances, other threats emerge and new attack tactics emerge. In this regard, new skills are needed to cope, and universities, businesses and communities must come to an agreement.