While demand for cybersecurity services continues to be strong for HCL Technologies, talent remains an area of concern. To cater to the demand, the company is employing and training fresh graduates in security roles, according to Maninder Singh, its corporate vice-president for cybersecurity.
“My view is that a lot of youngsters are realising that security is a career option. They’re coming in, but it will take a while to fill the talent gap. When you actually float a resume in security and say you want a 10 years experienced professional, it is better to cut out the zero. It is better that you look for a fresh grad who will be more exposed to current technologies which are running and understand the current security landscape,” Singh said.
HCL is working closely with universities in India, the US and Europe, and increasingly hiring locally. These are either graduates who have done cyber security as a specialised subject in Bachelor of Science (BSc) or Bachelor of Technology (BTech) or a Masters with cyber security as a specialisation.
Singh said most fresh graduates adapt well to security requirements of Cloud, hybrid models and other digital technologies. “I’m not saying that experienced talent is not important. They are required, because they have so much they can contribute from what they have seen in the last 15-20 years,” Singh added.
While agreeing that the hype around cybersecurity has slowed down, Singh said the spate of global, high profile cyberattacks in the last two years have made boardrooms across industries take cybersecurity seriously. Last year saw some high profile data breaches at some of the largest firms in the world, including Facebook, British Airways, Macy’s and so on.
According to a recent report by cybersecurity firm Kaspersky, data breaches are becoming more expensive for enterprises. In 2019, the cost has risen to $1.41 million from $1.23 million in the previous year. In response to this, large organisations are investing more on cybersecurity, with the annual average enterprise IT security budgets at $18.9 million, compared to $8.9 million in 2018.
While traditionally, banking, financial services and insurance (BFSI), retail and health care have been big spenders on cybersecurity, Singh sees opportunity in another business line as well.
“BFSI, health care and life sciences will always remain top spenders. The reason is either they deal with money or with life or the sensitivity of security is extremely high in those domains. Manufacturing was a laggard, especially industrial manufacturing,” he said.
The reason, he added, was that given the recent malware attacks like WannaCry, Petya or NotPetya, which impacted a number of companies across industries globally, the impact on manufacturing firms was huge.
“A plant (manufacturing or industrial) IT security was not run by the main IT teams. So, a lot of infections and malware penetrated into industrial equipment and actually shut down the plants (like production systems), which were allowing trucks to move in, and more was hacked and stopped. For 5-8 days, people had no manual system to support things,” he said.
There is also a lot of stress on using artificial intelligence (AI) in cybersecurity. A report by Capgemini found that businesses are increasing the pace of investment in AI systems to defend against cyberattacks. About 69 per cent of organisations surveyed said they would not be able to respond to critical threats without AI.
While agreeing that machine learning and AI will be helpful, Singh said, “I think it’s going to be human-led, AI/ML assisted.”
This implies that critical decisions will require human intelligence.
Youngsters realise that security is a career option, says HCL’s corporate VP
Fresh graduates adapt well to security needs of Cloud, hybrid models, and other digital technologies
Spate of cyberattacks in last 2 years have made boardrooms across industries take security seriously, across the globe
Cost of data breaches in 2019 rose to $1.41 million from $1.23 million, says a Kaspersky report
There has also been a lot of stress, lately, on using AI in cybersecurity