Big Blue has embarked on skilling and hiring programmes to bring in talent from non-traditional paths to innovate for cybersecurity
By Srinath Srinivasan
In technology circles these days, capital, demand, products and platforms are growing faster than talent. When it comes to cybersecurity, this is all the more true and the uncertain nature of a cyberattack, makes it essential to have a digitally sound talent base, both technical and non technical.
As per the recent IBM ‘Cost of data breach’ report 2021, cybersecurity threats are growing in both volume and sophistication. Nearly 20% of the organisations that IBM studied, reported that remote work was a factor in the data breach, and these breaches ended up costing companies $4.96 million (nearly 15% more than the average breach). Data breaches at over 500 companies surveyed cost $4.24 million per incident on average—the highest cost in the 17-year history of the report. This points to an accelerated need for a constant supply of rightly skilled talent to counter and pre-empt such cyberattacks.
“Many cybersecurity jobs can be filled via a ‘new collar’ approach that involves tapping professionals who may not have a traditional college degree but do have the needed technical skills and aptitudes. This approach focuses on skills, experience and aptitude versus degrees alone,” says Prashant Bhatkal, security software sales leader, IBM Technology Sales, India/South Asia.
IBM has gone ahead with non-traditional career paths for problem solving, consultancy, investigative, domain specific learning and application and regulation and policy based roles in the cybersecurity department. “Once hired, these new employees are expected to strive for continuous learning and professional growth. There are many newer roles and areas emerging in the security space like risk management, security strategy and governance, DevSecOps, identity & access management, threat hunting, security orchestration, automation and response/IT automation, AI in security, etc. The industry and ecosystem need to collaborate to help address this skills shortage,” says Bhatkal.
While the enterprises were busy getting to the cloud, their security solutions became ad-hoc, adopted as and when they found it fit. “Ad-hoc adoption of cloud technologies has created a more complex IT landscape to secure, with gaps in visibility and data being spread across multiple tools, cloud and on-premise infrastructure,” says Bhatkal. “Further, the rapid shift to remote work had a tremendous impact on security programs. The problem here isn’t the adoption of these new technologies, it’s the fact that they were implemented very quickly, and companies’ existing security strategies and technologies were not able to adapt as quickly.”
In order to overcome such challenges, IBM focuses on an integrated platform approach, leveraging open standards, AI and automation to connect security tools and data across the hybrid cloud, with capabilities for seamless integration with managed services. IBM Software Labs in India, which employs Indian engineers and researchers, plays a critical role in the development of technologies that are enhancing capabilities in the areas of user and data security, security intelligence, threat management, encryption and cloud identity solutions for various platforms. In the area of security intelligence, the work focuses on building a unified platform designed to connect all of a company’s security tools and data, in order to scale across hybrid cloud environments. In the area of encryption, the innovations are focused on protecting the privacy of data as it moves through distributed, hybrid cloud environments. “While traditional encryption technologies can protect data while it is being stored or transferred, IBM is working on technologies that keep data private even while being computed upon,” says Bhatkal.
In order to bring in more talent to work on these innovations, IBM India has partnered with a number of entities and has initiated skilling programmes in India. “We’re changing the paradigm around skills and moving them to the centre of our talent model, via our returnships like Tech Re-Entry that provide paths back into the workforce, our ‘Your Learning’ platform that offers technical and soft skills courses and badges to help IBM employees upskill in the latest from the industry,” says Bhatkal. “SkillsBuild program in collaboration with the Directorate General of Training (DGT) and Ministry of Skills Development (MSDE), includes cybersecurity as a focus area with an objective to make it easier for anyone to start a career in cybersecurity regardless of their background, previous access to education, or life experiences,” he adds.
In addition to this, IBM has partnered with Indian colleges and universities to build and offer security courses in Chandigarh, Bengaluru, Uttarakhand, Jaipur, to name a few. IBM India has also opened up the new collar training programme for other organisations and government entities to adopt and scale.
— 20% of companies reported that data breaches cost them $4.96 million
— Data breaches from over 500 surveyed companies cost $4.24 million per incident on average
— Risk management, security strategy and governance, threat hunting are some of the newer roles and areas emerging in the security space
— IBM India’s ‘new collar’ approach involves hiring people without a college degree but having the skills and aptitude for working in the security space