Cyber security jobs watch this space as the market grows Viewpoint careers advice blog

Cyber security jobs watch this space as the market grows The Heartbleed bug, the eBay security breach, Apple devices locked by hackers â€" not a week goes by without cyber crime hitting the headlines. The risk is such that The World Economic Forum has identified cyber threats among the top ten trends for world leaders in its Outlook on the Global Agenda 2014. For the financial services industry, cyber attacks can be devastating. Not only can they damage business operations and internal systems, as well as compromise customer data, but they can also potentially harm their brand reputation beyond repair. How the increased use of technology leads to more vulnerability In PricewaterhouseCoopers’ Global Information Security Survey 2014, 38% of financial services respondents say complex, rapidly evolving, and sophisticated technologies, such as high-frequency trading systems, pose a “significant challenge” for the future success of their organisations’ information security. Although financial services companies are spending more on information security than ever before and have improved many of their security practices, PWC notes incidents continue to occur as a result of unprecedented attacks. These range from distributed denial of service (DDoS) â€" where an online service is made unavailable by overwhelming it with traffic from multiple sources â€" to advanced persistent threats (APTs) â€" where unauthorised persons break into a network and collect private information. Why is this happening? PwC believes most organisations are “defending yesterday, even as their adversaries look to exploit the vulnerabilities of tomorrow”. It says soph isticated intruders are bypassing traditional perimeter defences to perpetrate dynamic attacks that are highly targeted and difficult to detect. “Many use well-researched phishing exploits that target top executives or key customers.” My colleague, Charlie George, a Senior Manager within Hays Financial Markets, agrees that cyber attacks are largely dealt with reactively. The way IT security within corporates or organisations deal with cyber attacks is to assess them first â€" whats happened, how, how much damage was done? etc. The response is then coordinated. This is what we call cyber forensics, an area that is developing. Currently in case of a cyber attack everything has to be learnt on the back of the event. We know for instance that anti-viruses are virtually redundant against ever evolving malware. Cyber attacks are becoming more and more complex, and fast. A number of recent cyber attacks against financial institutions have come from so-called third party risk, where suppliers or service providers were breached to gain access to the target company, George notes. Banks know that attacks will happen. It is about assessing how much they need to spend to prevent cyber attacks. As banks want to be more and more technology-savvy and offer their customers the latest high-tech tools, to be more engaged with their customers that way, they are becoming more vulnerable. Cyber security: a growing job market The ever-increasing cyber security risk represents an opportunity. At an upcoming event to be run in conjunction with ISACA, a professional organisation representing the Technology and Information Assurance industry globally, Hays will present the services it provides to professionals in the field of IT and cyber security. Demand is getting bigger,” explains George. Cyber security is still rarely an element within itself and covers the spectrum of Information Security â€" IT Security Operations (firewalls, penetration testing and operating system hardening) through to Information Security (policy formulation to educate the business and prevent errors exposing them unnecessarily) and Forensics (threat intelligence and analysis). To find out more and the reserve your place at this event, please contact Charlie George at Charlie.George@hays.com. Another of my colleagues, Christopher Smith, a Business Manager within Hays Financial Markets, tells me that currently the big recruitment drives are with the top consultancies as financial services firms tend to outsource IT security. The big consultancies are dominating, but I can see the demand for specialists growing amid large firms, and this will trickle down to smaller companies, he says. A job market in its infancy It is still early days for the cyber security job market. Its very technical nature means there is not necessarily a straightforward path to specialise in this area. The difficulty in recruiting comes from the fact the market is hugely niche,” says Smith. “It ranges from the secondary school educated person who has spent a lot of time on computers to the expert who has spent years training within the IT security department of a large corporate. This can be challenging, as there are very few specialists. Recruits include anyone with cyber forensics and threat detection, penetration testers, firewall specialists and general information assurance specialists looking at policy formulation. Hays is also seeing growth in cyber security litigation specialists, as with cyber attacks also comes the inevitable rise of disgruntled customers whose personal data may have been mishandled, and the very thorny question of who is to blame: the attackers, or the corporates that end-customers sometimes accuse of being too complacent to take cyber security seriously? To share your thoughts on this article and to stay up to date with the latest business, employment and recruitment news in the financial markets sector, please join our LinkedIn group. Join the conversation