The jobs of the future are in cyber space
17 Jun 2019
Nathan Clarke is a cyber security expert working on the front line of digital, forensics incident response. He sees a cyber skills black hole in our workforce; a risk that needs addressing now.
The Fourth Industrial Revolution continues to fan discussion around which jobs are likely to become obsolete; displacing human workers and fundamentally shifting the future workforce online.
“Cyber security threats are common to all industries,” says Nathan.
He explains that if the government strengthens its alliance with the private sector and academic institutions then it can build the knowledge and practical expertise needed to meet cyber security risks in the future. Organisations will also benefit from opportunities in cyber space.
“Having access to knowledgeable professionals will feature in the strategic planning of governments and industry and will need to include the education sector.”
Ensuring an educational avenue provides learning and skills training in cyber security areas is a challenge that universities already face. The conundrum is that experienced cyber security specialists are unlikely to be guiding the academic.
“If it’s hard to recruit people into the industry now, expectations are that it will become especially difficult in the next few years.”
Kath Young is CCI’s Chief Information Officer and she leads a technology team in building and maintaining a resilient IT environment for all CCI stakeholders. Kath expects a strong demand for professionals who work in cyber security in the years ahead, because an organisation’s worst nightmare is a cyber attack that disrupts business operations or steals data.
“We’re going to need an army of skilled cyber security professionals to deal with this,” she says.
“They need to be trained now. A World Economic Forum research paper has called out an estimated 65% of children who were starting primary school in 2016 were going to be working in jobs that are very different from what we have today and many of these future roles don’t yet exist.”
There will be fewer Office and Administration roles because of technological developments such as AI, but Nathan is confident of jobs that need Computer and Mathematics, Architecture and Engineering areas.
“There are many roles and opportunities for data analysts, for example,” he explains.
“Cyber security and incident response is an exciting field, and involves surveying the environment you look after, and monitoring it for any changes in behaviour that result in incident handling for a cyber security event.”
Nathan’s career has spanned decades working for government, and now for private sector company Verizon helping organisations manage the complexity and rapid changes in modern security. He was asked what a cyber security career should look like.
“I operate a security operations centre (SOC) that takes on commercial-private entities and looks after their environment in terms of monitoring and response. I did the same thing for the Australian Department of Defence, monitoring and detection. While the processes are the same, the challenges are a little different. Where federal government organisations have limited opportunities to outsource or put things in the cloud, it’s the opposite case in the commercial world.”
He explains that most federal networks are covered under a framework of cyber security governance that involves certification and accreditation. This type of work is a deliberate and well-planned activity in order to implement a series of controls. The application of these controls is done through a risk framework.
“My role revolves around what happens after those controls are in place. In any environment where controls are applied to prevent a cyber security incident from happening, my work is really around accepting that yes there is a lot of control there but I’m monitoring for issues that try to circumvent or disable controls either intentionally or through negligence.”
“Generally people in my field, incident responders, hold a view that all the controls in the world aren’t going to prevent hackers from getting into a network. It’s generally a matter of resources and time in order to breach a network. We’re there to look for indicators of a potential adversary attempting to breach the environment.”
Kath agrees and says that if it’s simply a matter of resources to breach an environment as Clarke describes, then the same principle applies to some extent in protecting it. Kath recognises that we need people with skills but they need to be trained and mentored by professionals such as Nathan Clarke. They need the experience of working in a team in the kind of real-world situations that he monitors.
“It’s something that should happen in tandem with academic study,” she explains.
“Or at least through the possibility of internships or something that connects potential candidates with future roles and with specialists like Clarke who can guide skills development.”
Nathan also advocates mentoring cyber security specialists in their process development to become specialist incident responders. Mentoring in this field is extremely valuable, and in his view critical for professionals who are serious about a career in the field of cyber security.
“Like most countries, Australia has a cyber security skills shortage,” he says. It’s worth noting that not all jobs will require superior cyber security skills.
“Many positions in the industry will be in supporting roles that help organisations to maintain their network security” says Nathan.
“There are many role types to consider going into the field of cyber security if you want to become a professional. Some jobs involve the maintenance of non-operational roles, some people work in high-repetitive incident-focused groups monitoring vulnerabilities and patch regimes, for example.”
Measuring risk and reporting exposure levels will play a leading role in the future jobs landscape. Invariably, preparation is a point of difference for those likely to face serious disruption (and even potential business closure) and those who won’t after an attack. (The WannaCry ransomware attack in 2017 targeted computers running the Microsoft Windows operating system, worldwide.)
A generation of bright computer-minded professionals could find roles that deal with intelligence gathering, data analysis, and research. The demand for risk resources and tools has seen Verizon track more than 61 billion events each year, and develop a Verizon Risk Report that helps organisations to understand, measure, and benchmark their security posture.
“Our people include professionals who make up a broader cyber security line of defence. We provide customised risk assessment tools and this means we can help organisations to get a focused action plan in place for their security environment,” he says.
“We have to have visibility of the entire security landscape through our integrated intelligence and tracking, because then we’re in a position to inform organisations about threats in ways they can understand and that will determine their steps forward in becoming more resilient.”
For Nathan, the work brings a high energy level to his daily tasks.
“To do well in this job takes passion. There are days were the adrenalin pumps all day long while you’re handling a real-time incident,” he says.
“You need to have good communication skills because you’ll be reporting on incidents. You’ll also need some technical acumen. I was in operations before cyber and I think that mindset is important to take into cyber. This is high tempo work, and one of the key capabilities that supports incident response work is a Security Incident and Event Management System (SIEM). It’s something that presents meaningful information to security analysts in order for them to conduct investigations and to determine what response to carry out.”
Nathan sees the importance of people from operational backgrounds applying for roles in cyber security, too.
“The SIEM can produce a lot of work for a team if not well tuned, but ultimately that is what’s going to drive the work flow in a cyber security surveillance environment. That’s where an operational mindset needs to work, not only to handle the candidate incident but to apply an operational mindset that can improve the environment over time.”
Both Nathan Clarke and Kath Young expect the pipeline for the talent pool will require organisations to think differently about how changing technology will affect business operations. Those failing to grasp the transformative impact on Australia’s employment landscape risk economic loss, as well as the chance to position our Australian professionals in global and emerging job categories where opportunity knocks.
About Nathan Clarke and Verizon
Nathan is a cyber security expert for Verizon, a global Network and Security Operations Centre that processes more than a million security events every day. His experience and leaderships skills ensures Verizon’s teams help organisations become stronger in the face of the rapidly changing nature of cyber threats. Verizon is recognised as a global leader in technological innovation, from mobility and networking to business communications, and the only provider recognized by industry analyst firm Gartner as a leader in both Network Services and Managed Security Services in its 2017 Gartner Magic Quadrant reports.