The end of the year is traditionally a time to look back on what has happened over the last 12 months and make predictions as to what might happen in the year ahead.
This year, I’d like to take a different approach and share my observations on the shortage of qualified cybersecurity talent, which has been an industry-wide problem through 2019. I sincerely hope this is not a problem that is exacerbated in 2020 – and that other vendors will follow our lead in taking progressive and creative approaches towards attracting new talent.
The scarcity of cybersecurity specialists is very real, with various reports estimating a global shortage of 3.5 million unfulfilled positions by 2021.
Faced with a challenge of that magnitude, we need completely new thinking to make progress towards a solution.
Some help comes from automation solutions, and we at Fujitsu are applying this technology to our global Advanced Threat Center. Automation can reduce a lot of the manual and repetitive work specialists have to undertake, increasing an individual’s productivity.
However, the real power of automation is in enabling skilled analysts to deal with threats faster by providing richer contextual information and therefore there is still a need for people here.
It is unlikely a complete, automated solution to the skills crisis will emerge in the short term. Even if it did, the demand for experts to advise organizations about cybersecurity measures is still going to be intense.
How Fujitsu is driving new approaches to find cybersecurity talent
Our industry is facing a shortage of skilled people and an inadequate pipeline of people in appropriate training courses. However, rather than wait for someone else to fix the problem, we have been taking the initiative.
We are engaged in a program of activity to find the best cybersecurity talent and have set up hubs across the world to give our customers access to the best experts that the industry has to offer, globally.
We are also engaging in new ways to find talented new recruits, including opening doors to groups in society who have not felt willing or able to consider this sort of career in the past.
We have been collaborating with University Technical Colleges in the UK to help train 14-18 year old students in cybersecurity to help start them off in a career they may never have had the chance to explore.
More recently, in Brussels, Belgium, we have been working for the last year with a wide ecosystem of interested parties in regional government and education to work collaboratively to provide different pathways for jobseekers looking for employment in IT.
Fast-tracking cybersecurity training
In partnership with Evoliris, the Brussels-Capital Region Professional ICT Reference Center, Actiris, the Brussels Regional Office for Employment, and Brussels Training, the French-speaking public service for the vocational training of Brussels, we organized a 55-day cybersecurity training in Brussels, Belgium, with a notable difference – entry was open to anybody – regardless of existing qualifications.
After screening a number of potential candidates, we were able to find 12 people who successfully completed the course and have joined the cybersecurity talent pool.
By taking the radical decision to ignore the candidates' past qualifications and focus only on their cognitive and behavioral abilities, we produced some unconventional, but highly effective, candidate profiles who share certain characteristics: persevering, flexible and curious.
For example, one successful applicant was formerly a heating engineer, highly intelligent, with all the necessary capacities to become a cybersecurity expert, but who had previously not had access to the conventional educational system.
We also have onboard someone who was keen to return to work after a career break to bring up her children. The training was an opportunity for her to get her career restarted in a promising sector of an increasingly digital world.
I’m not going to pretend that making such a bold step was obvious or easy for us. We have an innovative, open culture here at Fujitsu, but even so, our Head of Enterprise & Cyber Security in Belgium and Luxembourg, Alain Rasschaert, needed to convince skeptics that this was clearly in the interests of our customers.
Fujitsu in Brussels has numerous customer projects where it is seeking additional resource and we are committed to hiring individuals who successfully complete the course and reach the standards we set for cyber-security client engagements. I am delighted to report that Fujitsu hired six of the participants and that the remaining candidates went on to additional training.
Clearly, Fujitsu is highly motivated to solve major business challenges like skills shortages. By thinking differently, opening our minds to new approaches and collaborating with all the interested stakeholders, we are demonstrating that it is possible to make inroads into this issue, to the long-term benefit of society as a whole.
To close, my wish for 2020 is that other vendors in cybersecurity will also embrace creative, open new approaches like these. We have proven the benefits of attracting new talent to the industry, and we all stand to benefit if we can solve the chronic skills shortage, which affects us all.