Cybersecurity education and training is becoming even more important as threats continue to multiply. Cybersecurity expert and leader Craig McDonald believes that all IT professionals should invest in cybersecurity education.
Craig McDonald founded Australian cybersecurity company MailGuard in 2001 after a cyber attack caused havoc on a previous business. More than 15 years later, MailGuard is now the world’s largest private software as a service (SaaS) cloud security company, with approximately 15 percent market share in Australia and 3 percent internationally.
Over his years in the industry, Craig has seen the toll cyber crime can take on a business, and he believes that education and training are the solution. He sat down with Careers in Cybersecurity to share his thoughts on the skills shortage and the future of cybersecurity education.
With the well-publicized skills shortage in cybersecurity, how do you see the industry combatting this demand and filling vital cybersecurity jobs?
The cost of doing business will continue to rise unless we confront the talent gap and invest in developing the next generation of cybersecurity professionals.
To future-proof, we need to train existing IT workers to become cybersecurity specialists, and educate workforces about the new dangers landing in their inboxes.
We also need to raise the profile of cybersecurity as a genuine career option to attract the most talented new graduates.
What role do you think advanced and further cybersecurity education will play in addressing the skills shortage?
Addressing the skills shortage requires a joint effort by industry, academia and government.
We need to work together to promote cybersecurity as an aspirational career, work with universities to design new and relevant internship programs and send cybersecurity experts into universities to share their real-world experience.
As an industry leader, MailGuard knows it’s our role to address this issue, so we’re working with Australia’s Deakin University to offer six-month internships, so people can be at the coalface and see how exciting and evolving cybersecurity can be.
We also partner with Deakin University for the development of our technology and intellectual property, such as our next generation artificial intelligence, artificial neural network threat detection engines, providing real-world experience and industry exposure to Deakin students and staff.
Why is it important for professionals to invest in cybersecurity education across all levels of business?
Education is vital because cyber crime is too ubiquitous and too expensive to ignore.
Cybersecurity is no longer just a problem for IT. It is the responsibility of every executive and leader, and every staff member.
Two big factors are the volume of threats and the ease of delivery. Today, 91 percent of cyber threats arrive via email, and 23 percent of people click scam emails – which is how email threats quickly escalate from a personal problem to a potentially catastrophic business risk.
How have you seen this investment play out in a business (or in your own)? What benefit can it bring to larger businesses who may be able to better invest in cybersecurity education, as opposed to smaller organizations?
Companies can spend millions on cybersecurity but it can be all undone in seconds if a lapse in judgment leads to a staff member clicking on a phishing or whaling scam or a ransomware link.
Bigger businesses are attuned to the risk and are investing accordingly in cybersecurity education.
At Australia Post, they run phishing simulation drills for all staff. Those who make the mistake of clicking the link are redirected to a training module. It’s a great way to educate employees the moment they realize they’re susceptible to a malicious email.
How can cybersecurity professionals within businesses help to encourage and lead this education play across the business?
The best cybersecurity professionals understand education needs to be regular and ongoing – just as cyber threats are. It needs to be top of mind for everyone, from the receptionist to the board members.
It’s not just an IT problem. Savvy businesses are now including cybersecurity training and awareness as key performance indicators (KPIs).
MailGuard takes education very seriously. As well as developing cutting-edge technology such as artificial intelligence and machine learning to protect our business customers around the world, we know the importance of educating the community about the growing threat of cybercrime.
I post regularly about breaking threats to my 22,000+ followers on LinkedIn. Building awareness is a key part of keeping people and businesses secure.
How do you see the industry evolving as it tries to meet the skills shortage and develop more, and better, cybersecurity professionals?
It’s a fascinating, ever-changing sector. We’re trying to outsmart cyber criminals in a growing industry – the global cost of cybercrime is forecast to reach $2 trillion by 2019.
Demand for skilled professionals continues to grow, and industry awareness is constantly improving – cybersecurity was even a major theme in the recent U.S. election, and governments around the world are setting up specialist agencies to deal with cyber threats.
As more and more companies speak out about the cyber attacks they’ve faced, it helps grow awareness of the task at hand and the requirement for a larger workforce to tackle it.
Find out more about where an advanced cybersecurity education can take your career.