Good news stories have been thin on the ground since Covid-19, so I’m delighted to share this positive message on cybersecurity from Patrick Coomans: the golden era is coming.
And he should know. As a cyber entrepreneur, Patrick has his finger on the pulse (or should that be mouse?) of cybersecurity and its business impact.
He compares cybersecurity’s trajectory to the evolution of airport security. Back in the 1960s and ’70s, airplane hijackings were a frequent occurrence. Between 1968 and 1972 the US had more than 130 – sometimes more than one a day. It took years to get airport security up to a minimum level. Since then, a whole industry has grown up around safeguarding the skies, and Patrick believes cybersecurity is on a similar journey.
Companies are aware that every digital element of their business is under threat from cyber-attack. But with little standardisation and almost no certification across the cybersecurity industry, many companies are struggling. And therein lies the opportunity.
These businesses need access to the right kind of knowledge and expertise. Without that, companies risk pouring money into ineffective processes – leaving them out of pocket and still vulnerable.
For the past three years, Patrick has been helping businesses navigate the digital landscape. The challenge, he finds, is getting start-ups to put cybersecurity measures in place from the outset.
Many are tempted to create a minimum viable product – something with just enough features to satisfy early customers and provide feedback for future product development – bring it to market, see how it goes, and then attempt to close any cybersecurity gaps later on.
Unfortunately, this approach creates a digital debt that is hard to overcome. The time and money require to redevelop systems, to create a 2.0 that is more secure, can spell business disaster. Robust cybersecurity and an attitude of “privacy by design” from day one is the differentiator between companies that make it and those that fail.
Large organisations also need to reboot their digital defences. Many list cybersecurity among their top three priorities, but the upsurge in online activity prompted by Covid-19 has forced them to reassess their processes. They need to be sure they are operating in a secure and cyber-resilient way. The question is: do we have enough talent to cope with the demand?
Schools and universities are beginning to increase their digital education offering, but there is a gap in cybersecurity learning – not helped by the perception that it is a dark and mysterious subject exclusively for geeks.
And as Patrick confirms, women are underrepresented in the industry. From classrooms and conferences, right through to the workplace, cybersecurity is a male-dominated area and many women feel it is not where they belong.
To address that, Patrick suggests we create new entry points. Rather than see cybersecurity from a technical perspective, view it through the lens of business analysis. Cybersecurity is a key part of corporate risk-management and should be considered alongside financial, reputational and operational concerns. So it follows that business analysts need cybersecurity skills. The same goes for developers and coders. It’s a natural step to add cybersecurity capabilities to such roles.
Measures like these form a bridge between business and cyber security, and widen its appeal. As does the fact that cybersecurity could be a lucrative career choice. The challenge for business is finding the right expertise, and Patrick predicts that future demand will outstrip supply. With companies willing to pay top dollar for specialists, now is definitely the time to consider a career in cybersecurity.
Are you ready to kick-start your career in cyber security?
Protect your future and become a security professional with our Cyber Security Foundations programme. This programme will give you the skills to build cyber resilience in your organisation – and future proof your career. Click here to learn more.