By Joan Goodchild
The numbers vary on how severe it is, but the skills gap and talent shortage in the security industry has been well documented. An estimated 3.5 million cybersecurity positions will be unfilled by 2021, according to a 2017 report from Cybersecurity Ventures. And a report by the Center for Cyber Safety and Education finds the world's economy is on pace to have a gap of 1.8 million workers by 2022.
Hiring managers are desperately looking for fraud and security talent in multiple verticals, and it is acutely felt in the payments and financial services industry.
“The financial services industry is not only one of the most advanced and forward leaning sectors when it comes to cybersecurity, it is consistently one of the most targeted by cyber threat actors,” said Alexander Niejelow, senior vice president for cyber security coordination and advocacy at MasterCard. “As technology grows and evolves, so do the types of cyber threats. This requires a more agile skillset—people need to take a continuous learning approach to stay ahead of potential security and fraud issues—some of which we haven’t even encountered yet.”
A partnership to develop security talent
For its part in addressing the talent gap, Mastercard has teamed up with Microsoft and Workday, a dozen federal agencies, and the Partnership for Public Service to create a Cybersecurity Talent Initiative. The mission: to build a pipeline of professionals with the security and technical skills needed in the financial ecosystem. The initiative involves a group of both private sector corporations and federal agencies, and provides cross-sector opportunity for graduates in cybersecurity-related fields to start their careers with public and private sector work experience.
“All selected participants are given the opportunity of a two-year placement at a federal agency, then invited to apply for full-time positions with the program’s private-sector partners, and those hired by these private-sector companies will then receive up to $75,000 in student loan forgiveness,” explained Niejelow. “This is the first year of this program, with applications closing on October 19, so we are excited to see how this continues to evolve as more corporate partners and government agencies join us in our efforts to the close the cybersecurity talent gap.”
Higher ed might offer some help
An initiative with IBM Security looks to partnerships with local colleges and universities to find talent. Known as the IBM Security Academic Outreach program, offers training opportunities, scholarships for cybersecurity study, and sponsors hacking contest for teens, according to Heather Ricciuto, who leads the program.
“While attracting top talent to IBM Security is one important part of the equation, we also aim to reach students with a wide variety of backgrounds in order to broaden and increase the overall pipeline of candidates considering careers in cybersecurity,” Ricciuto. “We're also focused on collaborating with educators to help students get the training and resources they need to be successful in this industry.”
Ricciuto said she believes the program has been successful so far in reaching interested students who might otherwise not have been aware of security or fraud prevention as a career. They key, she said, is persistence and a commitment to raising awareness among younger populations.
“Creating a robust program requires long term commitment to building strong partnerships with schools, government organizations, non-profits and other industry partners. This commitment also means showing up year after year at academic conferences and competitions, and a commitment to raising public awareness around the skills shortage.”
Financial and payment service organizations may be overlooking potential talent right under their noses by neglecting to upskill in-house talent. Do you have eager, intelligent talent in-house with an interest in technology and a willingness to adopt a security mindset? Then start there.
Some have already realized the value in developing existing talent to address the skills gap. Last year, Discover Financial Services announced it would offer employees a program that will cover tuition, fees, books, and even supplies for some online degrees at three online universities in several areas of study, including network security.
Jeff Combs, an experienced cybersecurity recruiter, noted in a blog post on Security Intelligence that being flexible and upskilling internal talent has other advantages besides filling in critical gaps. It also leads to loyalty.
“If you can convert someone in the company that is already part of your company and bring them on to security, you’re not only giving someone an opportunity for professional growth, but you’re also leveraging institutional knowledge,” said Combs in the post. “It develops loyalty and an esprit de corps. It shows you are willing to invest in people and take a more methodical approach to developing talent.”