A persistent industry PR problem and over-prescriptive employer demands continue to frustrate efforts to close cyber-skills shortages, according to James Lyne.
The SANS Institute instructor and Sophos global head of security research made the comments during his induction into the Infosecurity Europe Hall of Fame today.
“I’ve spoken to many people coming out of competitions saying ‘I didn’t realize there was a job in cybersecurity’ – so clearly there’s an advertising problem,” he argued.
Lyne also claimed that highly talented young cybersecurity enthusiasts find themselves presented with a huge barrier “to get onto the ladder of improvement” thanks to excessive demands from employers for professionals with several years’ experience.
“These are ridiculous problems in the face of industry skills gaps,” he argued.
Lyne explained how he ended up in cybersecurity via a circuitous and somewhat fortuitous route, claiming he may even have been tempted down a darker path had things worked out differently.
“I had a lot of online mentors at the time who I’ve never met who were hugely influential for me,” he said. “I think the biggest issue is showing people that there are good jobs here. At the moment it’s easier to offer anonymous hacking services on the dark web.”
Although Lyne admitted his career has been “filled with lucky interventions,” he’s working hard to ensure the next generation of cyber-enthusiasts don’t have to rely on luck to carve out a successful future in the industry.
He bemoaned the lack of focus in learning on understanding how things work, claiming modern tech professionals perhaps rely too much on off-the-shelf tools.
“We need to rebuild that ‘rip it apart’ culture,” said Lyne. “The level of understanding of how tech works has dropped off a cliff. Technology is just so usable out of the box.”
The government’s Cyber Discovery scheme, which Lyne was instrumental in developing, aims to achieve this by using gamification techniques to encourage more kids into the industry.