When teachers encourage children to think about their future careers, they tend to run out of familiar lists: doctors, lawyers, business leaders, scientists, educators, engineers. Technicians may investigate, but they never become cybersecurity experts. Claire Johnson, Partnership and Outreach Manager at the University of South Wales, says this invisibility is strange because cyber is one of the most important and demanding jobs.
“It’s like a closed door,” she says.
Part of the downside may be that career advisors have an outdated view of cybersecurity as purely IT-related, but these days it’s a collection of a very broad discipline.
“It’s a bit like multimedia,” says Johnson. “In the old days, it was an IT issue. If multimedia websites and multimedia marketing materials were classified as IT because they were so new and technical, you would be surprised if there were no multimedia experts in marketing. Department. It just pervades everything else. “
If necessary, the security team needs to be more representative of the organization to ensure that security permeates everything else. Effective defense requires a diverse team of human resources, governance, data protection, leadership, management and communications expertise. But for many, cybersecurity is reminiscent of militaristic images, strict control characters, and tremendous bushes of acronyms.
Addressing this issue should begin with education. Johnson has been working with teachers and children to introduce cybersecurity concepts from an early age. This can be profitable, she says. This is especially true for girls aged 12 or 13 who tend to look away from technical subjects. She will also visit Brownie’s unit to showcase the joy of collecting open source intelligence, also known as cyberstalker celebrity.
“It’s not as sinister as you might think,” she claims. “What we are doing is knowing as much as possible online about the celebrity of your choice. They probably love to do it because they find a small chunk of information they didn’t know about. And it’s all readily available on the internet. It’s not a secret.
“But at the same time, we can teach a lot about their own digital footprint. We can teach them how police use it to search for missing persons and online criminals. You can also teach about. How much you should look into someone. It’s a really good way to teach them many different concepts. “
Another door wedge is being recruited. Agencies, in particular, tend to advertise jobs that require all sorts of qualifications and experience, perhaps because they want to catch big, elusive fish, or because they don’t really understand the position they’re looking for. ..
“Many of them are completely unrealistic,” says Johnson. “They think they need cyber specialists, not the role of specialists in data protection and information security, and put everything they thought was related to cybersecurity into that one job.”
Again, this will put off the very people that modern cyber teams need to be truly effective.
“There are many studies showing that men are much more likely to apply for a job if they meet lower thresholds than women. Women want to be able to justify their application in all respects. It’s a level job, but it requires five years of experience. Well, this or that qualification doesn’t happen on its own. “
Since cybersecurity is no longer a pure IT concern, Johnson believes organizations should look to train people in-house rather than relying on recruiters. Many people benefit from moving sideways. In the past, cyber locked down systems, banned certain actions, and called for breaches, but nowadays it’s much more important to explain the risks.
“If someone clicks on the phishing link and you don’t want to put it in the prank corner,” Okay. I’m having a problem. I’d like to know about it, and I’ll educate you together. You can do it. It’s about its cultural awareness, the development of its conversations, and the provision of a support network, and I think women are really good at it. “
As another example, showing how easy it is to crack a weak password is more productive than telling the rules about passphrase length and complexity from above. Then the information will stick. I think it’s much more beneficial to people. “
open the door
According to Johnson, a cyber career can be very rewarding both personally and financially, but it is not suitable for everyone. It’s a rapidly changing world, roles are evolving rapidly, and constant learning is part of the job. Responsibility for organizational security is, of course, quite stressful. However, according to Johnson, members of the cyber team are usually very supportive, in contrast to their somewhat forbidden image. They all need to get along and have so many disciplines. No one knows everything.
“I’m only confident that I can attend a meeting and say,’I’m sorry, I don’t know what it is.’ I’m still looking for something on the internet.”
The cyberskill gap still seems to be wide. When news of new ransomware, country-sponsored attacks, or massive data breaches is a daily event, for many it seems crazy that security is still a closed room. Recently, Johnson realized that few women attended college security sessions and decided to set up another cyber women’s conference. It was an immediate success, and attendees told her that she had long been interested in this or that aspect of cyber, but couldn’t find a way.
She says it takes a little effort to keep the meeting going, but it’s rewarding.
“You get in touch with someone else and say,’Oh, that really helped.’ So you do, because I think I changed someone’s feelings about the industry, what did they do? Because I gave them a vision of what they could do. Be their job. That makes it all worth it, right? “