August 8, 2017 By Julian Meyrick 2 min read

Everyone in the industry knows that there is a huge demand for cybersecurity professionals and a worrying shortage of talent. In fact, Frost and Sullivan estimated that we will face 1.8 million unfilled cybersecurity positions by 2022. So how do we solve this problem — and fast?

A recent executive report from the IBM Institute for Business Value (IBV) suggested that we can close this gap by filling cybersecurity roles through a new collar approach. This means tapping professionals who may lack a traditional college degree, but possess in-demand technical skills and aptitudes.

Read the report: Addressing the Skills Gap with a New Collar Approach

Veterans to the Rescue

According to the IBM report, employers are looking for cybersecurity professionals who embody the core attributes and skills of explorers, problem solvers, students, guardians and consultants. These characteristics can, of course, be found in a multitude of other sectors beyond cybersecurity.

One such sector is the military, where my own career began. As a former regimental signals officer in the Royal Green Jackets in the British Army, I can attest that the guardian attribute is common among military veterans. This means they are highly ethical, reliable and motivated to protect others. I am also convinced that veterans are proven self-starters.

In terms of specific cybersecurity roles, we’ve found that veterans are particularly suited for operator and communicator positions. Looking specifically at operators, roles can include threat monitoring analyst, penetration tester, security operations center (SOC) analyst and cyber operations manager. Anybody who has worked in the operations center of a warship, military unit or Royal Air Force (RAF) station will have the experience and transferable skills needed to deal with the types of incidents we encounter daily.

A Virtuous Circle

Recognizing the value and skillset veterans can bring, IBM has already hired hundreds of ex-military personnel. In March, the company announced plans to hire 2,000 U.S. military veterans over the next four years. Here in the U.K., we have an ongoing partnership with SaluteMyJob and the Corsham Institute to provide veterans with free training and certification on IBM’s i2 Analyst’s Notebook data analysis and QRadar cybersecurity products.

Almost 100 veterans have now qualified as data analysts thanks to this program. It’s a virtuous circle: At the end of the training course, recruiters can get in touch with veterans, and vice versa. The next course will be held in early September in Corsham, England. Interested veterans can apply via SaluteMyJob.

We continue to support ex-military employees once they join the business, too. When we hire veterans, we offer them a mentor from IBM who also comes from the military, so the individual has someone to talk to from a similar background.

Where to Find New Collar Candidates

If you’re considering hiring ex-military personnel for a cybersecurity role, you might be wondering where to start. I would recommend finding a partner such as SaluteMyJob that can provide access to motivated veterans with the right background. Next, attend training courses and events designed for veterans to meet the talent pool and introduce yourself to prospective employees.

In my security division, we’re using this new collar approach to cope with the cybersecurity skills gap. To me, it makes perfect business sense to train veterans with proven skills that are difficult to interview for. With the right training and investment, we can start closing that gap.

Read the IBM Executive report: Addressing the Skills Gap with a New Collar Approach

More from CISO

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today