The cybersecurity industry must capitalize on the exodus of technologists leaving their roles in social media companies seeking soulful work by welcoming and converting them.
This was the sentiment of Bryan Palmer, CEO of Trellix, as he delivered his keynote on 07 June 2022 at RSA Conference in San Francisco.
“Social media triggers an increase in anxiety, depression and serious social disorders. Seventy percent of people (according to a Quinnipiac University Study) believe that social media does more harm than good.” Despite this reality, social media companies, bemoans Palmer, are taking very little action, “driven by greed and revealing themselves to be soulless.”
The countless smart and talented people initially attracted to careers in social media companies have realized that social media does more to sever than unite communities, lamented Palmer. “As a consequence, working there no longer aligns with their values, and we find them leaving their jobs in droves in search of soulful work they can be proud of.” Work, he said, like cybersecurity.
“What is more soulful than protecting people?” Palmer gave the example of preventing bad actors from limiting access to clean water in Ukraine and protecting insulin devices targeted by adversaries. “This situation presents an incredible opportunity for our industry. We can turn this into a watershed moment in cybersecurity by creating a home for talented technologists looking for a more fulfilling future. We could inspire thousands of people, maybe even a million, to find their true calling in cybersecurity.”
For 20 years, said Palmer, “we’ve dealt with the same problem, that our demand for people exceeds our supply. The talent shortage plagues our industry, and what is most troubling is how little progress we have made as an industry. We refuse to do anything different to solve the problem, which is the exact definition of insanity.”
Unlike adversaries, “we have not made the investment required to develop a cybersecurity talent pipeline. We are behind when it comes to talent, so we struggle to defend ourselves.”
Palmer drew on data clearing showing that “straight white men dominate our industry.” He argued that the industry is turning away great, diverse people and consequently “doing our industry a disservice.
“We are neglecting to provide pathways for people of color, women and members of the LGBTQ+ community. The lack of diversity restricts ingenuity, innovation and our ability to recruit the next generation of cybersecurity professionals.”
The Trellix CEO suggested that the cybersecurity industry is falling short when identifying talent that lacks schooling or academic qualifications. He suggested that certifications or vocational training are equally important. “There is an industry-wide perception that people need a college education, but the people we surveyed didn’t agree. At the end of the day, success does not depend on a degree.
“Our industry is best served by people with tenacity and determination; we want the go-getters, the ones with curiosity, fortitude and passion.”
Palmer proposed the following measures:
- Offering more internship programs would create pathways for more people from diverse backgrounds
- Create avenues for mid-career professionals looking to move into cybersecurity and ease that transition for them
- Provide better access to training courses, promote quality certification programs and launch more apprenticeships
- Recruit on the front line, recruiting capable technologists with or without a degree
- Use a collective voice to cast a wider net
“We’ve given the talent and diversity gap good lip service, but the industry lacks scalable programs to tackle that gap,” said Palmer. “The research we did shows that more than a handful of people have made the move from social media companies to cybersecurity, and that excites me the most,” he concluded.