Times of crisis and uncertainty can be frightening for everyday citizens, but they’re opportunities for cyber thieves. And the ongoing coronavirus pandemic is certainly no exception. While as many as 60,000 Americans have died from COVID-19, cyber thieves have ramped up their attacks against individuals and organizations, looking to parlay people’s fears about the virus and the increasingly remote workforce to perpetrate successful cyberattacks.
According to Shawn Henry, the President and CSO of CrowdStrike Services, in some cases, these attacks leverage promises of coronavirus news and updates to lure victims into installing malware. “Cybercriminals are using malicious websites and apps that appear to share the latest COVID-19 information, only to deliver malware to your device to steal information or lock devices and demand payment,” Shawn explained. “In a crisis, people tend to lose sight of their better judgment. Meanwhile, criminal hackers and scammers are eager to take advantage of us.”
With the cyberthreat level so significantly elevated, it’s no surprise that cybersecurity companies are seeing increased demand from companies and government agencies looking to protect their employees, networks and data. Emergency spending bills in response to the pandemic have even included dollars for cybersecurity spending to help protect agencies that suddenly have predominantly remote workforces.
This increased demand has resulted in a need for more cybersecurity professionals, and an increase in hiring for cybersecurity engineers. According to a recent report by Dice, the online technology recruiter, the number of job postings for cybersecurity engineers is up by 20 percent in February and March.
To learn more about what the job market and career opportunities are like right now for cybersecurity professionals, we recently sat down with David P. McKeough, the Vice President of SLED at CrowdStrike. During our discussion, we talked about the current job market for security professionals, why it’s an exciting industry for jobseekers and the skills necessary to make it as a cyberwarrior.
Here is what David had to say:
GovCybersecurityHub (GCH): Why should IT professionals and folks looking to enter IT consider cybersecurity as an area of focus over something “sexy” like application development?
David P. McKeough: I respectfully disagree with the notion that cybersecurity isn’t “sexy.” In fact, I believe it is one of the most exciting and noble technology sectors. People working in this field spend their days defending people from adversaries and making the digital world a safer place to live and work. We’re the so-called “good guys” and that’s an identity that holds a lot of appeal for many of us in the industry.
At the same time, I will acknowledge that not everyone thinks of cybersecurity in those terms. Our sector has a somewhat low profile within the tech industry—and that’s something that we in the industry need to work to change.
I think the benefit of working in this field is that you’re solving very complex issues on a very large scale. Combine that with our mission and you begin to see that our company has a lot of depth. We don’t have the same name recognition of the big tech players, but really make up for it in terms of substance and the learning opportunity we provide our people.
GCH: What challenges and opportunities does cybersecurity pose for people entering the cyber workforce? Why is work as a cyberwarrior exciting?
David P. McKeough:I cannot stress enough how much of an opportunity the cybersecurity field presents to candidates in terms of learning and development. It’s a fast-paced, continuously changing environment. The goal is to stay a step ahead of some of the most sophisticated hackers and cybercriminals in the world. In this landscape, you’re forced to improve your skillset and get better at your craft—because the company is depending on you and so are your clients.
Speaking more specifically about CrowdStrike, I think we offer our employees an unprecedented opportunity to work with data at scale and distributed systems. Our roles are fluid, allowing our engineers and technologists to solve problems from end to end, as opposed to focusing on a single piece of the process. And we encourage people to change roles as a way of developing new skills and keeping things challenging.
That’s not the case in many companies where employees can sometimes feel like the proverbial cog in the machine.
GCH: What skills and characteristics are necessary to be successful in the cyber workforce?
David P. McKeough:I would say the one commonality throughout the sector is the will and desire to win. Working in this field is like being in a constant battle with cybercriminals all around the world. That’s true no matter what position you hold—technical or non-technical. That passion is something that I look for in candidates because I know that they’re the people that will go the extra mile – and that’s what our organization needs.
CrowdStrike is built on bottom up innovation. We expect every employee to constantly move the organization forward. Technical skills are part of the equation, but, really, it’s the passion that will help us fulfill our mission to stop breaches.
GCH: What does the future look like for cybersecurity professionals entering the industry today? What is the job security and stability like? How in-demand will the skills they develop be in the future?
David P. McKeough: I sometimes tell people that this industry is like an endless Y2K—it’s that crisis mentality but the problem never gets solved. The issues just keep getting bigger and more complex. That’s the nature of cybersecurity.
Our industry is one of constant growth and the demand for talent is strong. CrowdStrike is hiring today—which says something about the resiliency of our organization in these times. And while I can’t predict what will happen tomorrow, I know that the need for security is not going to go away. This is a field that will change and evolve, but it will never disappear.
That said, the skills developed while working at a cybersecurity company are applicable to other technology sectors. In fact, given the scale and scope of the challenges our people solve, I would say that they would be an asset at any tech company in the world.
I think some outsiders don’t realize that people don’t stay in this industry for lack of opportunity, but because they really love the experience—the pace, the scale, the challenges, the variety and the satisfaction that comes from knowing you’re one of the good guys.
For additional information about the current cybersecurity threat landscape click HERE to download a complimentary copy of the CrowdStrike Global Threat Report.