Why Cybersecurity should be in every employers' budget!

Ian Donnelly

It’s no secret that Cybersecurity professionals are in high demand and low supply. After attending the European Cyber Threat Summit Ian Donnelly, Senior Consultant on Brightwater’s IT team discusses the threats and opportunities facing the industry.

It was a cold start to the morning when we arrived at the Helix Theatre in the DCU campus, but we were quickly warmed up by the friendly welcome we received from Paul C Dwyer’s team. After a quick breakfast and a cup of coffee or two, we were all ready to go.

Paul opened the event with an energetic introduction, laying out current cyber threats and opportunities facing the industry. He argued that it takes a network to defeat a network and how it’s important for us to all be singing from the same hymn sheet in how we approach cybersecurity, opening up a nice segue as the Dublin Gospel Choir took to the stage for a few songs to energise the audience.

Throughout the morning I attended some very interesting discussions. One speaker I enjoyed in particular was James McNab who is Director of Cybersecurity at Cisco. He pointed out some alarming stats on network breaches for 2018. They have almost doubled since 2017. His findings reflect common corporate psychology that cybersecurity is a cost center and a drain on resources. Stakeholders should also be asking how their company is using cybersecurity as an opportunity to enhance resilience, increase productivity and efficiency and what related products or services they are rolling out. They should think of cybersecurity as a business enabler, and a key theme was that IT security strategy needs to be baked in from the initial concept rather than added on at a later date.

The morning flew in and before I knew it, it was time for lunch. I had arranged to meet up with some of my industry contacts and we discussed the morning’s content. The event is an excellent opportunity to network and I also met some new contacts and had some thought provoking discussions about the developing cybersecurity space in Ireland.

After lunch, I attended a talk around the skills gap in Cybersecurity. As a recruiter this was particularly relevant to me. Brexit will offer challenges and opportunities to us and we need to be ready. I am keen to know whether it will drive new talent to Ireland and whether we have the infrastructure and in particular housing, to accommodate people who wish to relocate to Ireland. I speak with both employers and IT professionals in this space every day and it’s no secret that skilled candidates in cybersecurity are high in demand and low in supply. The continued growth in companies seeking to set up their EU headquarters in Ireland will only serve to increase this demand. Cybersecurity as a specialism is not as mature in Ireland as elsewhere and therefore we need to invest in upskilling candidates to be able to perform the new roles. There will be a consistent challenge to ensure these skills are available to employers. It’s always good to get other perspectives in this discussion.

As in 2017, we were gearing up to the main event of the day, an interview between Paul C Dwyer and Edward Snowden. Edward had some interesting points on “cyber morality”. It’s a scary thought that the largest companies on the internet are collaborating with governments and sharing our private information. While governments have legislated to some extent regarding data protection and what privacy means, it is also important to consider what is moral – not just the letter of the law.

He argued that its’s up to us as a society to protect the weak as well as the strong. It’s not enough that if you are a law-abiding citizen, that you must give up so much of your private information in order to allow governments to capture information on potential illegal activity.  He compared this to networks. If you fail to patch you are harming the whole herd. So the question we are all left with is how do we apply patch management to democracy? 

This was a highly interesting and informative event and it was clear that a lot of work was invested to attract such a range of speakers. The summit is a must see event for anyone working within, or providing products or services into the cyber space. Congratulations to Paul and the team for a great event and I look forward to attending next year.

Ian Donnelly is a Senior Consultant on Brightwater’s IT team where he specialises in Cybersecurity, Infosec, IT audit, DevOps, DevSecOps and SRE space.