Cycber Security Shortage for FSIs
This spring, the WannaCry virus made international headlines as hundreds of thousands of FSIs were hijacked and held hostage by this malicious ransomware. The most startling observation about this attack that compromised over 200,000 computers in over 150 countries is that it was neither shocking nor unexpected. From consumer credit card information stolen by hackers of Target Co, or compromised email accounts by continual hacks of Yahoo, high profile, prolific hacks of companies, governments, and individuals are increasingly commonplace.
These attacks can be extraordinarily damaging to the victims who can suffer both financial and data loss as well as a gross invasion of privacy. For companies, especially financial institutions, effectively guarding their customers against a sophisticated computer hack is becoming a top priority because the financial loss can be crippling and consumer confidence may never adequately recover. However, the guardians of the crucial bits and bytes that comprise our digital assets, the cyber security experts, are challenging to hire and retain. It’s difficult to find skilled workers who can guard against such attacks, and companies are getting creative in their search for top talent.
It’s clear that, especially for financial service industries (FSIs), cyber security is a top threat and a top priority. A report by Deloitte on the subject found that “Cyber exposures rank second only to regulatory/compliance concerns on the types of risks FSIs believe will increase the most in importance to their companies.” Moreover, the report goes on to reveal that FSIs are devoting significant financial resources to the problem, but they are still unable to keep up. This is largely attributed to a lack of available talent to sufficiently address the issue.
According to Forbes, “there will be a global shortage of two million cyber security professionals by 2019.” Universities are developing fledging cybersecurity programs, but companies can’t afford to wait for these students to develop into top-tier cyber security experts. Instead, they will need to be creative in locating, developing, and retaining the talent that already exists.
The talent gap is a real problem, but desperate companies are finding creative solutions to locate and retain the top talent. Deloitte recommends that FSIs reject the industry practice of being insular and instead look outside of the industry for talented cyber security experts. FSIs have the flexibility to be less exclusive in their hiring. Rather than seeking only triple threat talent, those who are skilled data scientists, strategic planners, and cyber risk integration specialists, FSIs can form teams of skilled workers who collectively address these topics.
Additionally, Accenture notes that FSIs, in particular, can increase their capabilities by collaborating with experts already in place. Specifically, Accenture sees that “To handle the emerging threats in the current environment, however, organizations need outside expertise as well as effective collaboration with cloud and other service providers.” With FinTech and other financial trends changing the nature of banking, FSIs can increase their cybersecurity capabilities simply by more closely collaborating with institutions already in place.
Moreover, the Information Systems Security Association identifies that women and minorities are significantly underrepresented in the cyber security. The report concludes that “these under-represented groups offer an opportunity to increase the cybersecurity workforce for the near and long term.” Finally, FSIs should be careful not to ignore the talent already in their office building. Employees didn’t acquire their existing skills without training, and their skills can be upgraded to more specifically address the labor shortage.
While the internet generates a sense of omnipresence, FSIs looking to enhance their cybersecurity capabilities should be aware of the physical locations where the most action is taking place. Deloitte conducted a study on the matter and found that the United States, UK, Ireland, Israel, Canada, Australia, and Brazil are the top locations for cybersecurity innovation in the world. While the United States ranked at the top of the list for cyber security hubs, it’s notable that Ireland is a highly ranked Cybersecurity hub and, aside from the UK, the European Union is not highly ranked and is not a likely location for companies to draw significant talent to fill the cybersecurity gap. Being aware of these locations can allow companies to make strategic investments and partnerships that maximize their opportunities to locate and acquire the top cyber security talent.
Cybersecurity is the topic that FSIs need to address now and in the near future. Effectively mitigating risk while not hindering investment or opportunity is essential to their growth, relevance, and survival. The gains achieved from cloud computing, FinTech, mobile banking, and other services are irrelevant if companies can’t secure their resources and protect3 their customers. Attaining, training, and retaining the top cybersecurity experts is the first step toward securing this promising future.