My TechDecisions

Compliance, IT Infrastructure, Managed Service, Network Security, News

How COVID-19 is Changing the Cybersecurity and IT Workforce

The COVID-19 is changing how organizations should recruit, hire and train IT and cybersecurity professionals to help the overburdened workforce.

Leave a Comment

Cybersecurity Skills Gap

If you’re an IT or cybersecurity professional, you’ve been very busy over these last few months dealing with a gigantic jump in remote work and the increasing security challenges brought on by the coronavirus pandemic.

Almost overnight, IT and security staff had to figure out how to help the entire office work from home and stay secure and protect the company in doing so. Now, organizations should think differently about how they recruit, hire and train those positions, according to Simone Petrella, CEO of cybersecurity workforce development firm CyberVista. 

That’s increasing the importance of IT personnel and changing the way companies should recruit, grow and train talent,” Petrella says.

The growing threat surface

Both private organizations and public government agencies have warned of an increased attack surface due to remote work and news headlines about the coronavirus pandemic.

“In many sectors, it’s increasing the need for there to be IT and security personnel because so much has moved either virtually or online,” Petrella says.

According to reports, hackers and state actors are targeting remote work solutions like videoconferencing platforms and are conducting phishing attacks posing as official health organizations. State actors are also targeting healthcare research about the coronavirus.

“Those threat actors are very aware that we now have people who are accessing corporate networks from home, those of us that are fortunate enough to be able to continue to work remotely,” Petrella says. “And so everyone’s home network is now an endpoint that connects to their business in some way, and so that creates an entirely new attack surface and increases exponentially the amount of vulnerabilities that were already there.”

Remote work was already trending up, but this happened much faster than anyone could have anticipated.

“We were never really situated to be … entirely remote,” Petrella says.

For example VPNs need to be installed on endpoint devices, but there are now added enforcement and compliance components to deploying a VPN.

“That puts a real demand increase on the type of talent we need,” Petrella says.

My TechDecisions Podcast Episode 83: COVID-19’s Effect on the Cybersecurity Workforce

Look within for new cyber, IT talent

With those added pieces and the perfect storm of security and infrastructure issues being caused by the pandemic, organizations should look at filling those cybersecurity and IT positions a bit differently.

That might include outsourcing security functions or looking to other areas of the organization affected by cost cutting measures and see if existing talent could be revectored into more security-enabled roles.

”That way, you’re not necessarily … losing good talent that you already had institutionally, and you’re giving them an opportunity to upskill into a growing field,” Petrella says.

Even before the pandemic, the cybersecurity and IT industries were harping on the need to build a talent pipeline. That notion may have been doing them a disservice, according to Petrella.

“The truth of the matter is that a lot of the talent they need is really sitting under their noses, and they could more efficiently and cost effectively upskill that talent into the roles that they need, and have the added benefit that there are people who know the business objectives, the organizational culture and institutional norms,” Petrella says. “And those are really important things for employers when you talk about retention, but also value creation.”

If the COVID-19 crisis has taught us anything, it’s that cybersecurity professionals are needed in every industry and every sector, but different organizations require different skills for their cybersecurity and IT staff. As such, employers shouldn’t just take a blanket approach toward hiring for those positions.

Those employers want professionals skilled in both of those aspects, but new cybersecurity workers also need soft skills like communication, teamwork and management.

“it is increasingly important we find security professionals — or we grow security professionals — who are able to apply those controls in a way that’s consistent with objectives of the business and making that logical leap,” Petrella says. “Otherwise, you’re doing it without any real context.”

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ