From WannaCry to Petya, it’s no wonder the cybersecurity sector is crying out for talent to fight ransomware. Hays’ Carolyn Dickason explores the increasing need for talent in infosec.
Not a month goes by these days without a global cyberattack disrupting businesses, public institutions or, in some cases, whole countries.
Weeks after the WannaCry malware attack – whose potential costs cyber-risk-modelling firm Cyence estimates at $4bn – the Petya cyberattack targeted a number of Ukrainian banks and companies, and quickly started to spread across the world, reminding us that cybersecurity is a crime that knows no boundaries.
For many financial institutions across the world, IT security and protecting customer data has become an absolute priority. They will therefore welcome experts in the field with open arms, and increasingly generous pay cheques.
Cyber threats on the rise
According to global digital security company Gemalto’s recent Breach Level Index report, data breaches globally increased 86pc last year compared to 2015, leading to almost 1.4 bn data records being compromised worldwide. Whereas financial services have been one of the most targeted industries in the past, no sector is now immune to the threat, the firm highlighted.
“The Breach Level Index highlights four major cyber-criminal trends over the past year. Hackers are casting a wider net and are using easily attainable account and identity information as a starting point for high-value targets,” said Jason Hart, Gemalto’s chief technology officer for data protection, in the report.
“Clearly, fraudsters are also shifting from attacks targeted at financial organisations to infiltrating large databases, such as entertainment and social media sites. Lastly, fraudsters have been using encryption to make breached data unreadable, then hold it for ransom and decrypting once they are paid.”
IT security recruitment is accelerating
To fight off cyber-criminals, PWC’s latest State of Security Survey 2017 estimates that security spending has soared 67pc since 2013. This year, security investments increased 11pc over the year before. Along with increased spending, businesses around the world report that IT security vacancies increased by 6.2pc during the year ending 30 April 2017, and the recent spate of attacks are “likely to see this trend increase”, according to the Association of Professional Staffing Companies (APSCo).
My colleague, Mohammed Elazizi, manager at Hays IT, has also witnessed this trend. “We’re seeing a consistent increase in both contract and permanent demand for security experts across a range of financial services clients.
“There are many factors that contribute to the rise in demand. Some of it is driven by the increased awareness of cyber threats that are made public as this can hugely impact an organisation’s reputation in the market. It is also because some companies are trying to be more proactive in their approach to security. They are trying to combat threats before they occur.”
Mohammed also expects demand to continue to grow in the months and years ahead as he believes most of the financial services organisations are just starting their journey into being more aware and secure of cyber threats. “As the market constantly evolves, the demand will continue to try to stay ahead,” he points out.
A race for talent
Mohammed says that some roles that are particularly in demand in the financial services industry include security analysts and security architects, cyber-threat intelligence analysts, consultants, cyber-incident analysts, etc.
However, there is a worldwide shortage of such experts. “Arguably, the salaries and rates of security experts have increased as financial services organisations have battled to attract the best talent. Many of them have been forced to look outside of the sector when looking for talent to meet the demand of new skill sets that simply didn’t always exist in the industry,” he says.
This demand and pressure to hire the best IT security talent is essential, not just because the industry tries to defend itself, its clients and its reputation, but because, as highlighted by a recent survey by the Global Centre for Digital Transformation (GCDT) of more than 900 business leaders across multiple industries and 13 countries, the lack of a strong cybersecurity strategy will negatively impact a company’s innovation and growth.
In other words, IT security has become essential for the financial services industry to successfully achieve its digital transformation.
Carolyn Dickason is a director at Hays Finance Technology.
A version of this article originally appeared on Hays’ Viewpoint blog.