People before technology: recognising talent in non-original contexts to circumvent technological limitations
While innovative solutions provide cyber practitioners and enterprises with cutting edge technology designed to address the most common and persistent threats to operational security, functionality and continuity, what many delegates learned at the ECS Europe conference is that leading figures within the industry are increasingly stressing the need for companies to look to human capital, both within their organisations and outside of the profession, as their primary source of innovation, ingenuity and performance, rather than rushing towards the next great product that promises to save us all from system failure.
In the age of the global enterprise, the ability to work smarter, organise better, and develop faster, has led many companies to rely first and foremost on technology and demand that the human bend his or her will towards the requirements of the machine. This, coupled with a lack of diversity in talent sourcing, has led to an environment in which short term solutions to recurring problems in network security are recycled by the same providers who were popularising supposedly permanent corrections a decade ago.
As an example of such stagnation, and as the many speakers who described themselves as bald, middle aged men stated, there are too many bald, middle aged men who have historically and presently dominate information security. One such figure who stated this reality with confidence was Thom Langford, CISO, Publicis Groupe, who emphasised the need for companies to recognise talent in non-original contexts and for those same companies to hire motivated people and inspire them rather than end the conversation because they don’t have the right certificates or qualifications.
So, for those companies which are not yet doing so, how can they diversify their approach to recruitment to arrest the decline in individuals choosing InfoSec as a career and increase the potential for solutions coming from unlikely sources of inspiration? The answer is to take inspiration from the many real-life examples of those who have taken an indirect path towards becoming thought leaders and proven their ability to transcend the technicalities in language and processes by widening the understanding of how best to interact with the technology required to maintain the essentials of the enterprise network.
One such figure highlighted by Thom was Lee Munson, who in the last three years has made the journey from retail to InfoSec and changed job titles from Evening Shift Manager at Wilko’s to Senior Associate in Information Security. Lee’s initial step towards transforming his career projection started when he set up a website designed to provide a small following of 12 subscribers with practical advice centred on phishing emails and other IT related issues. Blind to the volume of traffic his site had garnered since its inception and following an outcry when he stated that he was taking a step back from blogging, Lee discovered the extent to which both novices and leading figures alike had taken inspiration from his guidance. Just as it took Lee’s willingness to develop his knowledge and understanding of all matters related to cyber-security to begin the process of career transformation, so too did it take the open mindedness of leading InfoSec professionals to promote Lee’s work and provide him with the hands up required to place him on an equal platform.
Remember, before technology, before process, think human.
Author: Michael Hughes