Special Report
A special report is content that is edited and produced by the special reports unit within The Irish Times Content Studio. It is supported by advertisers who may contribute to the report but do not have editorial control.

Critical staff shortages in cybersecurity putting organisations at risk of attacks

New skillset required now that more people are working from home, says expert

ICT Skillnet offers free online training courses via the Cisco Networking Academy. Photograph: iStock
ICT Skillnet offers free online training courses via the Cisco Networking Academy. Photograph: iStock

Are you a cybersecurity professional? Then you must be in demand.

Over half of respondents to the 2020 Cybersecurity Workforce Study said their organisations are at risk due to critical staff shortages in this increasingly important area. The same report said a major recruitment drive is required to alleviate these skills shortages, with an 89 per cent increase in employment worldwide needed to close the considerable gap.

There is a “huge” skills shortage in cybersecurity, says Dave Feenan, network manager at Technology Ireland ICT Skillnet.

Skills in this area have become even more crucial as the world of work moves increasingly online.

READ MORE

“A whole new skillset is required in industry now that more people are working from home, as well as those that are now based abroad. Cyber is the responsibility of everybody, no longer just the remit of the IT department,” stresses Feenan.

Upskilling

The remit of Technology Ireland ICT Skillnet is to work with companies across all sectors to help them with up- skilling of their staff, and Feenan is keen to impress that cybersecurity training opportunities occupy “every step on the stairs”.

“There are plenty of options in the upskilling and learning environments for organisations to embrace and for people to take that journey.”

All employees would benefit from at least some training in the area of cybersecurity and ICT Skillnet offers free online training courses via the Cisco Networking Academy covering an “Introduction to Cybersecurity” as well as “Cybersecurity Essentials”.

“This is online, self-paced, and self-certified so anyone can go in and do a basic course over 15 hours. We’ve had a number of SMEs mandating their staff to complete this course, as it improves their overall cyber hygiene,” Feenan points out.

For those willing to go that bit further, an eight-week fully online course that enables the participant to become a certified cyber risk officer is also available.

For those already in the IT industry but seeking specialised cybersecurity training, there are a plethora of options. There is certainly no shortage of high-quality training in the area of cybersecurity, according to BSI’s senior consultant and global practice lead for PCI DSS, John Hetherton.

“Indeed there are many distinct pathways within the field where it is possible to specialise and be certified to an extremely high standard. If I were to categorise these at a high level, they would be defenders, attackers and risk managers. Within those categories there are entry level to advanced specialisations to suit the needs of the individual,” he explains.

BSI provides training courses for certifications such as CIPPE, CISSP, CISA, CISM, Ethical Hacker and Network Defender, and also offers bespoke awareness and training for specific industries and target audiences.

Hetherton adds that many universities also now offer specialised master’s courses in the cybersecurity space, one of the most well regarded of which is the master’s programme in Dublin City University.

“For someone wishing to shift focus into the cybersecurity profession, in many cases the primary requirement is a grasp of the fundamentals and a shift in perspective to think like an attacker or a defender – or ideally both,” he says.

Initiatives

Cybersecurity not only struggles with a skills shortage, it’s also just one area of IT where there is a distinct gender imbalance. The most recent figures suggest that just 14 per cent of the entire global cybersecurity workforce is female.

BSI’s head of CyberLab Services Isabel Forkin says the reasons for this are complex. “Our industry, like all Stem, is trying to address through targeted initiatives, and with a massive focus on breaking down barriers. Many prolific cybersecurity leaders are attempting to facilitate open discussions about gender equality.”

Forkin stresses that cybersecurity is a rewarding career: “You have a chance to make the world a safer place, and in addition to the satisfaction you get from being pushed to continuously learn, there is a sense of pride and giving back that comes with the work.

“These motivators are gender agnostic in my view and speak to core values, many of which were shaped in my early cybersecurity career by man- agers who were women in senior cyber leadership positions.”

Danielle Barron

Danielle Barron is a contributor to The Irish Times