Recent headlines and the increasing number of cyber-attacks on individuals and companies have put cyber security firmly at the forefront of every business leader’s mind.
The theme of this year’s Australian Cyber Security Centre Conference in Canberra is resilience and will discuss the latest threats and advances in cyber security.
A big focus of the Conference this year is to promote and inspire women to pursue a career in cyber security. And also in building the skills of a cyber workforce.
Cyber risks are changing constantly. Today’s protections will be outdated tomorrow. It’s about anticipating what’s coming next and finding new ways that are adaptable to the way the world is changing.
Threats are coming from everywhere and every one of us is a target. The huge amounts of data held by companies and governments present a large attack landscape for identity fraudsters, criminals and politically motivated attack agents. As we can all see from events globally, successful attacks can result it major pain and disruption and expose citizens’ private data.
Risks change constantly as do attackers’ techniques. Security needs to be actively anticipating and agile enough to respond as and when attacks evolve. It’s not a matter of if an attack might occur – it’s a matter of when.
And in order to protect against such threats we need a much broader lens to address this effectively.
Cyber security has traditionally been the domain of engineers and computer scientists. But we also need business professionals who bring a deep understanding of what the business processes are and the opportunities these bring to attackers.
We need people who are constantly aware of industry intelligence to understand what the next wave of attacks might be and how to safeguard systems. We need professionals who are experts in the complexity of technologies across their environments. We need data scientists, operations experts – professionals from a diversity of skills and backgrounds who all bring different perspectives and talents.
I’m an example of someone who did not come into security via the traditional route.
I came into IT from a communications background about 20 years ago when I knew very little about IT. I applied for a job with an IT company which was at the forefront of digital identities back in the day. The problem the company had was that it was full of technicians and they had dreadful trouble explaining their solutions to their clients. So I was brought in to write and help communicate by breaking down the technical detail into a digestible message.
Now as a senior manager in the security practice with Accenture I’m much more tech savvy than I was back then. But I’m still not the technician in the mix. I define requirements and manage teams. I articulate the value of security technology and see that it makes pragmatic sense. If you can’t explain it to me, you can’t explain it to a client.
So I would encourage people who have an interest in a cyber security career to really explore the industry. Cyber security skills such as such as lateral thinking and problem-solving skills are often found in people outside traditional fields and it’s these diverse perspectives we need in the profession.
A career in cyber security has infinite possibilities at the moment because it can be what you want to make of it. The landscape of what you can become an expert in or how you can be creative is moving rapidly. It has a voracious appetite for ideas, learning and collaboration.
It really is a spectacularly flexible career for someone who is dedicated and creative.