Brexit is discouraging people from coming to the UK, and that is making hiring more challenging.
In a panel at the TEISS conference in London, speakers from Barclays, Publicis Groupe, Global Cyber Alliance and the National Cyber Crime Unit, gathered to discuss the subject of Brexit in terms of sharing intelligence.
Andy Bates, executive director UK & Europe at the Global Cyber Alliance, said that data sharing has to continue, and “we do not want Brexit to distract us,” while Thom Langford, CISO of Publicis Groupe, said that if you do not have a mature threat intelligence program, Brexit will make no difference.
Paul Edmunds, head of technology at the National Cyber Crime Unit, added that data can be shared “in a consistent manner” and with GDPR offering a new regulatory environment, there will be different data and different approaches.
As the conversation moved on to the skills shortage, Laura Jones, senior cyber intelligence analyst at Barclays, said as over a million unfilled vacancies are predicted for cybersecurity, the UK “needs all of the advantages it can give.”
She called on the industry to invest more in a diverse workforce, including hiring women and ethnic minorities, and the solution is to invest in people “who are not in this room and not in this industry” and address the gaps that are brought by Brexit.
Jones said: “I bought a one-way ticket to London the day before Brexit, but don’t know if I would have done it the day after and the perception is of the country becoming less welcoming than Paris [for example]. We need to widen the scope of people that we are trying to recruit, as there are lots of reservoirs of groups of people who are not being brought in.”
Langford said that with regards to the skills shortage, an issue that needs to be addressed is generic descriptions being sent to HR, who are filtering based on certifications “and if they [candidates] don’t have CISSP or CISMV” they can be overlooked.
“That has got to change and there are agencies that we need to use. I fill most jobs through LinkedIn and Twitter and the people we interact with,” he said.
“More importantly, we want to find someone to fit a round-shaped hole: the army recruiters don’t go into the field and ask someone if they have good sniper skills, they search for aptitudes and invest and we need to do this far, far more.”
Langford gave examples of three people he hired who were a supermarket night manager, a PA and someone with a pharmaceutical background. He recommended finding people who are passionate about security and it should be more about how they culturally fit into the organization and less about their qualifications.
“Find them and invest in them, and they become the best people, and we look for the short-term all of the time,” he added. “We could halve the million roles if we invest in people and have a long-term plan for their careers in cybersecurity.”