"Wanted: cyber security professionals"/ Cybele Negris

Nov. 20, 2017 "Wanted: cyber security professionals": Today I found this article by Dino Trevisani in the Globe and Mail:

President, IBM Canada

A recent surge in major cyberbreaches around the globe reveals cybersecurity threats are growing in both volume and sophistication, leaving potential victims scrambling to find ways to properly protect themselves and their data.

While arming your company with the best security software is a good start, it's not enough. Cybercriminals are becoming increasingly savvy and businesses are falling short on adequately staffing their security teams to defend themselves against these hackers.

Demand for skilled security professionals is one of the biggest challenges facing the industry today, and it's only expected to grow; experts predict a shortage of 1.5 million open and unfilled security positions by 2020. This gap is further exasperated by a lack of the right skills needed to meet the modern security landscape. In the face of increasing threats, this is a shortage the industry simply cannot afford.

One of the biggest hurdles behind the skills shortage is one that companies are creating for themselves – relying on outdated recruitment models and job descriptions to rapidly fill evolving security roles.

 At IBM, we advocate for a new-collar approach to hiring cybersecurity professionals, focusing on skills, experience and aptitude versus degrees alone. This approach has helped fill seats on the other end of the wire with qualified candidates, and we encourage the industry to evolve their talent acquisition strategy to do the same.

Here are some tips for doing just that:

Redefine hiring models

Work with internal teams and hiring managers to document the attributes and skills that are essential for your organization today and in the future. When doing so, consider positions that could be filled with non-traditional candidates or define new ones. 

For example, a Security Operations Centre (SOC) Analyst: he or she reports on security incidents, assists with the response and co-ordinates threat intelligence sharing across the SOC. This individual needs to be a multi-tasker with strong communication skills – capabilities acquired through experience, not just a four-year university degree.

Expand where you recruit

Encourage the recruitment team to expand their talent search into community colleges, private technical schools, and other educational programs, as a growing number of these institutions are offering cybersecurity programs yet remain untapped by employers. 

Build awareness of cybersecurity as a profession and your organization as an employer of such occupations by offering learning sessions and demonstrations.

Create new partnerships

Reach out to government organizations, and educational institutions and programs in your region. You can also participate in cybersecurity curriculum committees, provide externships for local instructors to keep their skills fresh and relevant, sponsor cyberteams, and work with local middle and high schools to generate interest in the field. IBM Women in Security Excelling (WISE) is a prime example of the latter.

Develop robust support programs for new hires

Considering the shortage of skilled cybersecurity professionals, it's important to retain new hires by supporting and engaging them as soon as they join the team. Beyond a comprehensive on-boarding program, employers should offer mentorships, rotational assignments and opportunities to shadow more experienced colleagues. 

Additionally, allow employees to work on a variety of projects and to explore new technologies – not only will this help the employee with professional development, but it makes him or her feel valued and provides the team with a fresh perspective.

Help employees build and refine skills

Cybersecurity is a highly dynamic field, which requires a constant refreshing of skills. Provide employees with opportunities to stay current by encouraging them to enroll in classes and conferences and pursue certifications. Also, do what you can to support existing employees from other functions who are interested in moving into cybersecurity as a new career; they too should have the opportunity to build and refine their skills in the space.

 https://www.theglobeandmail.com/report-on-business/careers/leadership-lab/addressing-a-cybersecurity-skills-shortage-with-a-new-approach-to-hiring/article36935498/

Popsiq

4 days ago

Another 'arcane' career. Nobody will know what this guy does. Until he doesn't.

Cybele Negris: Today I found this article by Brenda Bouw in the Globe and Mail: 

Cybele Negris is the co-founder and CEO of Vancouver-based Webnames.ca, a registrar for domain extensions as well as a provider of web hosting, e-mail and web-development services. Ms. Negris is also a member of the board at the Royal Canadian Mint and sits on a handful of boards in the science, technology and housing sectors in British Columbia.

I was born in Hong Kong and moved here with my family when I was eight years old. My last name is Greek, my father is part Chinese and part Greek.

English is actually my second language. I remember in school in Hong Kong, they segregated the kids with non-Chinese last names from the kids with Chinese last names. I went to a Catholic school and certain classes were in English, such as religion. I learned to pray in English. At first, when I moved to Canada, I didn't want to speak English. Then, within about six months, I didn't want to speak Chinese at all.

Part of the reason we moved to Canada was because of me. I was very stressed out as a kid. The school was very competitive and I was one of those high achievers. My parents used to say, 'Cybele, you have to slow down. Stop doing homework. Go watch some TV.' We also had family in North America – in B.C. and in California.

I didn't have a specific career direction growing up. When I went to the University of British Columbia I started studying commerce. I was following my dad, who was very entrepreneurial. He knew a lot of people in the business community. I watched him and was inspired.

I used to have a huge fear of public speaking. After a year studying commerce, I realized there would be a lot of public speaking involved and thought 'there's no way I can finish this degree.' So I dropped out of commerce and ended up doing an arts degree instead, with a major in psychology. Even though my marks were really good, and I was being encouraged to get my PhD, I realized it wasn't my love.

I worked at various departments at UBC while in school and, when I graduated, I got a full-time job in the human resources/finance departments. I was then promoted to faculty relations manager in the president's office in my early 20s. That crazy work ethic that I had from when I was a kid perpetuated. Some nights I would work there until midnight. I would literally scare the security people who would say 'you should go home.'

After a few years, I decided the public sector was probably not the place for me, long term. I started my own consulting business and was doing different projects, including for UBC. It was through a UBC contract that I met my future business partner at Webnames.ca, John Demco.

When we started Webnames.ca in 2000, I took support calls alongside everybody else. It was all hands on deck. There were no job descriptions. We did whatever it took. People slept at the office some nights. It was a grind, but I think I earned a lot of respect working alongside the team and not delegating everything.

I was quite a shy person back then. I didn't want to be the face of the company. I would rather work behind the scenes. If I was asked to speak at an event, I would typically try to back away from it or get someone else to do it. It was a big issue for me. There were so many years where I would be driving to a speaking engagement and think, 'I would rather get into a car accident than to have to do this right now.' That's how bad it was.

I have since overcome my fear of public speaking. I've done a lot of it in the past few years. Now I go up on stage and my heart isn't pounding. There are times where I still have a bit of nerves but not to the point where I'd be shaking or my voice is cracking.

Entrepreneurs overcome a lot of things. Are we smarter? Probably not. It's the fact that we don't give up. My significant other, George Moen, a serial entrepreneur and past president of Blenz Coffee, told me the word 'fear' stands for False Expectations Appearing Real.

 So whether it is public speaking or something new I haven't tackled, I feel pretty fearless these days. I've had so many worse-case scenarios played through my mind and, in the end, things always turn out okay.

We hire for cultural fit. Skills can be learned. We've built a team of people that challenge each other. We have pretty lively debates, but it's always respectful.

My advice for other leaders is to recognize what your strengths and weaknesses are – and then hire the right people to fill the gaps. Because I don't come from a tech background and own and run a tech company, I hire smart people. 

I don't always understand everything that they're talking about – nor should I. My expertise is in running the business and, in my view, hiring the best people in their role and letting them be leaders and be the best they can be without standing in the way. My role is to motivate and inspire them to do better – and to not micromanage.

This interview has been edited and condensed.

https://www.theglobeandmail.com/report-on-business/careers/management/cybele-negris-on-how-entrepreneurs-overcome-a-lot-of-things-by-not-giving-up/article38201269/