The ongoing battle against cybercrime requires a new generation of skilled professionals. Since the cybersecurity skills shortage is expected to reach 1.8 million unfilled positions by 2022, these professionals are in high demand.
IBM is taking a new collar approach to filling these positions by concentrating on skills and experience rather than formal education and degrees. In particular, the company’s efforts to hire 2,000 U.S. military veterans to launch new collar careers over the next four years is putting experienced military personnel where they are needed most: on cybersecurity teams.
Education Beyond the Classroom
Military experience includes intensive education on specific jobs, but it goes far beyond the typical classroom learning experience most colleges provide. That’s part of the reason the new collar approach looks past the traditional requirement of a college degree that most employers want.
Bob Stasio, program director, threat hunting at IBM Security, was assigned to command an Army company at the National Security Agency (NSA) that was working on cybersecurity. “For some cyber jobs where I worked, a soldier would have to go through nearly three years of training before they touched a real keyboard,” Stasio explained. “The private sector generally wants people to be hired fully trained and then further training is on your own.” That kind of investment in training can’t be matched in the corporate or collegiate environment.
Cybersecurity positions need more than technical prowess when intrusions threaten the safety of networks and the data they handle. Nick Bradley, practice lead for IBM’s X-Force Threat Research Group, emphasized the advantage he gained from his military service.
“As you move up in the command structure in the military, you gain leadership skills because leadership is built into the job and the training,” he said. Bradley’s training and experience enabled him to rise through the ranks in his civilian career. As he put it, “It was only a few years after I began my civilian career before I moved up to a management position. That all came from my military experience in leadership.”
Applying Military Experience to the SOC
Enterprise jobs present different opportunities and challenges for those with previous military careers. The situations encountered in the military allow veterans to apply their experience to enterprise environments that truly need their help.
“Enterprise organizations today essentially face this same dire threat from hackers,” said Stasio. “They essentially have to fight a war on their networks.”
Stasio worked in tactical operations centers (TOCs) and found that they were very effective at fighting protracted conflicts. He brought that experience to his work at IBM. “My understanding of how to build and run these operations centers has been invaluable to transfer into the SOC environment,” he said.
For some, the change from military to civilian enterprise means a move from a smaller-scale environment to one that spans the globe. While it may seem like the military works around the world, most assignments are limited to smaller, more local environments. “I joined IBM to work at a global scale with even more data than I had access to in previous roles,” explained Mike Oppenheim, global lead for research at IBM X-Force Incident Response and Intelligence Services (IRIS). “With the impact we have at IBM, we can help organizations enhance their security posture and defend at scale.”
Advice for Veterans Launching New Collar Careers
Stasio offered some advice based on his military experience and what he learned after migrating to the private sector.
“I wish enterprise organizations would better adopt the concept of attribution,” he said. “I think this is really important — to figure out who is going after you and why. As an analogy, let’s say you are walking down the street and someone randomly throws a rock at your head (i.e., you get hacked). For most organizations today, the solution is, ‘Next time you walk down the street, protect yourself better and wear a helmet.’ Instead, attribution is trying to look around and trying to find out who threw the rock at you and why so they don’t do it again.”
Bradley’s experience led him to advise new collar workers to jump at the first job opportunity “just to get in the door.” He continued: “Do something that you know you will enjoy. The leadership skills you learned during your military service will always help, even if you only use them in a single project that you lead.”
For his part, Oppenheim said he learned a lot while with the Marines, but he felt he hit a threshold in what he was learning. He echoed advice he picked up in the service and while working his way up the ranks in civilian enterprises: “Always surround yourself with people smarter than you.”
New collar efforts are paying off for enterprises and former military servicepeople alike. By bringing the skills they gained in the military to private enterprises, veterans can protect organizations from cyberattacks while climbing up the ranks on a rewarding career path.