Cyber-attacks are increasing alarmingly
“WannaCry” was the name of one computer virus that caused considerable damage at many companies around the world in May. And in June, it was followed by further cyber-attacks of even greater proportions. But these are merely the best-known examples of a rampant global phenomenon: the number of hacker attacks is increasing steadily. According to the Federal Association for Information Technology Bitkom, more than half of the companies in Germany have become victims of industrial espionage, sabotage or theft over the past two years. And the trend is rising. Also, due to the increase of cloud solutions – the relocation of services and data to the Internet – there are many new points of attack for cybercriminals.
“Many companies are still not taking the topic of IT security as seriously as they should,” says Martin Krill, Managing Director of Hager Unternehmensberatung. “To a certain extent, this is due to a lack of awareness at senior management level. But often, however, it is also down to a shortage of specialists and managers. This puts companies in a tight spot as they are forced to expand this field. Especially seeing as stricter privacy laws will be entering into force in 2018,” explains Martin Krill.
Bottleneck: IT security specialists
However, companies from all industries are finding it extremely difficult to meet the increasing demand for IT security professionals. “On the one hand, there is an ongoing shortage which affects the entire IT industry. On the other, the IT specialists being sought for security issues need a far broader spectrum of qualifications than pure IT experts,” explains Martin Krill.
High requirements profile
In addition to the pure programming languages, an in-depth knowledge of security and networking is required, as well as cryptography and, of course, familiarity with all popular software products. Added to this, an IT specialist must also understand the mindset of the hacker in order to proactively identify targets and take appropriate countermeasures. The preventative work that these specialists are required to carry out also includes the planning of potential attack scenarios. At the moment, our clients are increasingly looking for candidates to fill the following positions, says Krill: CISOs, heads of IT Security/Cybersecurity, Security Managers, Information Security Governance Managers, Security Architect, and security consultants/engineers.
What kind of chances do career changers have?
Bearing in mind the lack of dedicated specialists, could career changers make up the shortfall? “For career changers, gaining a foothold in the IT security industry often means having to complete intensive retraining programmes and courses that require high personal commitment,” says the Managing Director of Hager Unternehmensberatung. Increasing complexity is making it harder and harder for them to make it in the IT industry. Due to the complexity and vulnerability of IT systems, a broad understanding of inter-system relationships is required in addition to specialist IT expertise.
Battle for talent
“These days, companies are competing with firms from around the world for the best talent, meaning that candidates can pick and choose which employer they want to work for,” notes Martin Krill. These experts prefer to seek out companies that are technological pioneers and offer the latest standards. Apart from the purely material rewards of a position, the image and brand of the company play a significant role when it comes to attracting the best talents. IT security experts also like to seek out technical “playing fields” where they can test their skills and expand their horizons. A job change brings the experts new experiences and challenges, as every company has different possible weak points and vulnerabilities that need to be addressed, says Krill.
In those areas where workers are scarce, companies have to come up with plenty of ideas to attract and hire the best candidates. Accordingly, it is difficult for small and medium-sized enterprises to attract talent at all. However, they can achieve this with a better employer branding or can make use of external support to “bring themselves closer” to the candidates, explains Martin Krill.
Working with personnel consultants also offers a number of additional benefits, however. “As IT security is also a very sensitive issue, it is not only necessary to seek out the relevant knowledge and skills among the candidates, but also to look closely at their personalities. We attach special importance to checking how well candidates fit by filtering them in a tailored multi-stage process,” says the Managing Director of Hager Unternehmensberatung.
Conclusion
The subject of IT security is becoming ever more important for companies in all sectors. Experienced IT security professionals are being sought urgently to protect against cyber-attacks and hackers. However, due to the lack of skilled experts, specialists are in short supply. To fill these posts, it makes sense to turn to an experienced IT personnel consultancy.
Authors:
Martin Krill has been working for Hager Unternehmensberatung for more than fifteen years and was made a managing partner in 2004. He fills top sales and management positions in the technology industry as well as a number of other sectors.