Given my role assessing cybersecurity risks at HP, it might not surprise you if I list the biggest security challenges of the past year: the massive and sudden transition to remote work made workflows more complex, and also made companies vulnerable in wholly new ways. That’s against the backdrop of a 600% increase in cyberattacks on cloud infrastructure and a 6,000% increase in phishing attempts.
What might surprise you, however, is a part of my job that will continue to be challenging long after the pandemic has passed — bringing in talent to stay ahead of these threats. Allow me to bust a popular myth: that cybersecurity professionals must be technical wunderkinds, hoodie-clad prodigies who can crack a password in six seconds with time to spare for an energy drink. Far from it.
While highly technical roles are key, on average they make up less than a third of a healthy cybersecurity organization. Just look at my own career trajectory: I come from a technical background, but as a software engineer, not a security researcher. I have expertise in divergent areas such as product strategy, security evangelism, business development, and engineering management. And I use these skills every day as a leader at HP.
With an estimated 3.5 million cybersecurity jobs globally that are likely to go unfilled in 2021, there’s much more room under the “big tent” of this industry than people think. To be successful in the future, we need to invite people who have expertise not just in technical roles, but also in risk management, business analysis, sales, deal support, and even marketing and communications.