The theme of last week’s RSA Conference 2019, “Better,” gave ISACA the opportunity to engage with information and cybersecurity professionals on how we collaboratively move the technology field into a better future.
ISACA kicked off RSA with the release of part 1 of the 2019 State of Cybersecurity report, which revealed insights into issues affecting the cybersecurity workforce and the skills that are currently most in demand.
ISACA leaders addressed this topic in their panel, “Building—and Keeping—Your Cybersecurity Team with Nontraditional Staff.” Rob Clyde, CISM, ISACA Board Chair, walked through key data from the 2019 State of Cybersecurity report, then moderated a discussion on how cybersecurity teams can source talent from diverse backgrounds and skill sets. Joining Clyde were panelists Tracey Dedrick, ISACA Board Director; Tammy Moskites, managing director, Accenture; Gabriela Reynaga, ISACA Board Director and founder/ CEO, Holistics GRC Consultancy; and Gregory Touhill, ISACA Board Director and president, Cyxtera Federal Group, Cyxtera Technologies, Inc.
To illustrate how common it is for people to join the industry from other career or educational paths, Clyde asked the audience of over 75 attendees, “How many of you studied cybersecurity and then went immediately into a job?” Only a couple attendees raised their hands.
The panelists shared some of the qualities that non-traditional job candidates can bring to a team. Dedrick noted that she likes to hire people who are the first generation in their family to go to college, noting they often “know how to not take things at face value, and to negotiate.” Both Moskites and Touhill emphasized the importance of new hires having a strong desire to get into the industry. “You want folks who are naturally curious and eager to solve problems,” said Touhill. Added Moskites, “I look for anyone with that ‘fire in their belly’ who is eager to learn,” noting that she once hired someone who had previously worked at a grocery store filling food containers, because of that person’s drive and passion—and this person turned out to be one of her best employees.
Reynaga and Touhill also shared their recommendations on how to attract more women and military veteran candidates to cybersecurity jobs. “There needs to be flexibility in scheduling for both men and women,” said Reynaga. Touhill noted that HR professionals need to have relationships with their local military bases’ transition offices, saying, “If you’re not, you’re cheating yourself out of a great talent pool. Veterans want to continue their mission.” He added that the Wounded Warrior Cyber Combat Academy is another place to look for veterans with cybersecurity skills.
Later that day, ISACA’s SheLeadsTech program hosted a panel that continued the conversation, focusing on how to attract and retain women in cybersecurity roles. Clyde introduced the group, including moderator Moskites and panelists Reynaga, Dedrick and Kim Dale, CISA, CISSP, IT Audit Specialist, Federal Reserve Bank of Chicago. The four women shared the stories of their career paths and challenges faced along the way—including one sharing how it felt to be the only woman on the leadership team, and another panelist recalling how she was once told that a more senior role wouldn’t be appropriate for her because she should be focused on getting married and having children. They provided advice for other women around applying for jobs even if not all qualifications are met, charting your own path if others try to hold you back, and to define what success means to you, even if it’s not considered “traditional.”
ISACA plans to continue these conversations well beyond the conference, promoting initiatives that lead the industry and engage all information and cyber security professionals toward “better.”
To learn more about the ISACA 2019 State of Cybersecurity Report, click here.
To learn more about SheLeadsTech and to get involved, click here.