BY Sydney LakeJuly 11, 2022, 1:27 PM
Accenture emblem through the second day of Cell World Congress (MWC), as seen in June 2021 in Barcelona, Spain.
(Photograph by Joan Cros—NurPhoto/Getty Photos)
Among the many most in-demand industries is cybersecurity. Main firms, together with these within the Fortune 500 are in determined want of the expertise, as beforehand reported by Fortune, however are working out of choices of the place to show. One problem? Cybersecurity requires a variety of abilities to achieve success—and never all of them might be taught in a classroom setting.
“By way of the expertise shortfall, I feel one of many issues that’s onerous to understand about cyber expertise is it’s not prefer it’s only one ability set—there’s no less than 17 discrete ability units wanted for cybersecurity,” Ryan LaSalle, head of Accenture Safety’s North America follow, tells Fortune. Accenture is a world Fortune 500 expertise and consulting firm and employs greater than 500,000 folks throughout the globe.
Accenture officers together with LaSalle are of the perspective that cybersecurity expertise might be developed in folks even with out a technical background. For that motive, the corporate presents a large number of coaching alternatives for present and future staff to be taught cybersecurity abilities. These embrace Accenture’s apprenticeship program and upskilling applications for present staff who’re occupied with making a profession change to cybersecurity.
Fortune sat down with LaSalle to be taught extra concerning the cybersecurity expertise demand the corporate is seeing and what it takes to be a profitable cybersecurity skilled.
Cybersecurity expertise demand
Fortune: What does cybersecurity service demand appear like for Accenture?
LaSalle: For certain, cyber expertise is in excessive demand. By way of the expertise shortfall, I feel one of many issues that’s onerous to understand about cyber expertise is it’s not prefer it’s only one ability set—there’s no less than 17 discrete ability units wanted for cybersecurity. And inside these, there’s totally different product traces and technical- and process-related abilities that make it actually, actually onerous to outline precisely what we want within the cyber ability space.
There’s positively a technical facet to cyber that I feel is what most individuals take into consideration when they give thought to cybersecurity. The hackers—the individuals who actually perceive how computer systems work and easy methods to abuse them after which easy methods to defend from that abuse.
However there’s additionally a giant human dimension to it. How do you assist psychologically enhance the best way that individuals in organizations reply to cyber threats? How do you assist make folks more durable targets? How do you practice and alter behaviors and enhance risk-based determination making and all these various things that cyber professionals have to have the ability to do to be able to be efficient with these technical options? It’s a very broad ability area.
What sort of cybersecurity roles does Accenture rent for?
The large joke in cybersecurity is that everybody’s on the lookout for entry degree folks with 5 years of expertise. We spend a lot time attempting to get to the appropriate set of credentials that we’re not on the lookout for the appropriate qualities. We positively search for skilled hires to assist make our follow higher. We search for people who find themselves seasoned professionals and are consultants within the area and are generally even luminaries of their area to assist lead and develop the capabilities we will ship.
We additionally search for very junior, entry-level people who find themselves extra uncooked expertise and are enthusiastic about beginning a profession in safety and on the lookout for methods to enter and serve a structured improvement program that enables them to choose up the talents and change into that skilled over time. So we have a look at all totally different ranges and totally different entry factors into the profession mannequin.
Learn how to pursue a profession in cybersecurity
What does it take to be an excellent cybersecurity skilled?
We’re definitely on the lookout for technical abilities. The transfer to the cloud has made each firm, each group, each company understand that there’s a spot of their data base of their groups, not simply in easy methods to transfer their enterprises to the cloud, but additionally how to do this securely. It requires a special mind-set. There’s totally different tooling; there’s totally different approaches that you must take. Ensuring that now we have the very best cloud safety staff doable signifies that our shoppers can get to the cloud sooner. They’ll obtain these advantages sooner and extra securely when now we have the appropriate expertise.
We’re positively on the lookout for folks in that area, however safety is pervasive and it’s going into all totally different elements of how enterprises and companies and authorities companies work. It’s going into the boardroom and into the C-suite to assist them work out what sort of selections they’re taking over after they’re taking over new strategic strikes: How do they steadiness the danger of these issues? In product engineering, it’s ensuring that each one the brand new shopper units which might be delivery are secured by design and ensuring that they will maintain the safety of these issues as soon as they’re within the area.
It’s wanting on the explosion of regulatory necessities on firms and companies to attest to what they’re doing and serving to to know easy methods to make sense of all these rules and switch them into motion.
What sort of training do you must be a cybersecurity skilled?
There are totally different archetypes of how folks discover their method into safety. I’m not classically educated in safety. I discovered my method into it on the midpoint of my profession. Lots of different folks have comparable tales of how they discovered their method into safety. I do just like the undergrad and credit score college applications which might be placing some rigor round info safety. I used to be a pc engineering undergraduate and didn’t have a single safety class in any of my pc engineering and pc science courses. That wasn’t actually one thing we discovered about once we have been studying about massive complicated techniques and networking and any of that stuff.
I’m actually glad that persons are placing these applications in place. The NSA Facilities of Educational Excellence and people sorts of applications have actually helped enhance the rigor and readiness of the scholars who come out of these applications. And we do rent out of these applications.
We additionally rent individuals who aren’t in these applications and don’t have a safety background who’ve an actual penchant for studying and who’re self-taught. Perhaps they’re in pc science, however possibly they’re not. Perhaps they’re in anthropology or economics or social science. They usually’ve acquired a method of approaching issues that mixes each their creativity and their inquisitiveness and so they’re selecting up safety abilities alongside the best way. We’re completely happy to show them.
After which I additionally see one other trajectory, that are people who find themselves someplace of their profession and so they need to make a change. A few of these continued education schemes, certification applications, self-study applications, and even among the grasp’s levels, and on-line applications actually assist these of us make the pivot with some confidence.
We are going to take an opportunity on folks on a regular basis. We’ve carried out it time and again once we discover people who we predict have an actual potential in safety. When folks have demonstrated with their very own dedication to undergo a kind of applications, it helps them with their very own confidence and helps us with our confidence that we all know it’s a safer wager.
We’ve talked concerning the technical aptitude it takes to achieve success in cybersecurity. What different traits ought to these professionals have?
It’s fascinating as a result of I feel there’s a complete lot occurring out there proper now and there are psychographic and behavioral evaluation to strive to determine that precise query. There are firms on the market who’re constructing merchandise to assist discover the needles within the haystacks of the individuals who may change into nice in cybersecurity—individuals who haven’t discovered their method into safety. However for me, what I’ve discovered is there are a pair issues that tie our professionals collectively.
The primary is an actual sense of mission. It’s that actual conscience that claims: “Each day, I need to rise up and I need to assist defend our lifestyle.” That could be a very distinct and distinctive attribute of safety professionals. So if somebody has that robust, ethical compass, actually robust sense of mission and goal, safety could be for them.
The second is the hacker persona: someone who rattles the locks on all of the doorways and home windows and tries to search out their method in. And a tinker equally is experimenting. They’re attempting to be taught by doing it and get their palms soiled whereas doing it. That tends to lend itself very nicely to safety.
The final one I feel is creativeness as a result of most safety failures are literally a failure of creativeness to assume just like the attacker. If you possess an excellent creativeness, it could actually assist put your self within the perspective of who desires to take one thing you could have, or do one thing to you, or have a motivation to to assault your organization. You’ll be able to assume otherwise about easy methods to defend the corporate.
How Accenture approaches cybersecurity upskilling
What sort of cybersecurity upskilling does Accenture supply?
We have now two alternative ways of tackling that. We have now a learn-by-doing program referred to as our Apprenticeship Program, which appears to be like at folks from non-traditional backgrounds that haven’t historically discovered their method into consulting and in skilled providers. We have a look at folks from non-four-year levels from different community-based organizations and convey them in and put them in one-year lengthy developmental roles in safety. You receives a commission as an apprentice, and also you get placed on these applications and initiatives. It’s a 12 months of studying by doing.
Moreover, we discovered that different folks at Accenture and different people who we’ve recruited generally profit from upskilling and reskilling, as nicely. If I discover a knowledge analyst who has a penchant for that mission and creativity piece and so they need to be a part of safety, I’ve an upskilling program for them. They might be in a special profession trajectory middle. I can deliver them in and put them by way of a pen testing program or put them by way of a cloud safety program and so they can upskill and reskill on the job after which begin their new profession with our safety enterprise.
What different recommendation do you could have for aspiring cybersecurity professionals?
The expertise scarcity isn’t a provide aspect downside. It’s an attractiveness downside. We have now to do higher at luring folks and serving to them seize their creativeness, serving to them perceive why this can be a nice business to be in. Then the provision will come and we can assist construct these folks. We all know easy methods to do it. Nearly everyone in safety didn’t begin in safety. All of them discovered it alongside the best way.
We all know we will do it. We simply should make it thrilling and attractive for different folks.