Senior Manager, Cyber Risk Services, Deloitte Canada
Deloitte’s cybersecurity consulting business is helping to fill the talent gap by encouraging professionals from diverse professional backgrounds and industries to switch careers.
Protecting Canada against cyberattacks is a daunting challenge. Cyber breaches have increased by 4,379 per cent between 2015 and 2020, according to Risk Based Security — costing billions of dollars from ruined reputations, lost sales, and legal costs. Aware of the threats, organizations are stepping up their cybersecurity. However, they face the problem of not having enough skilled talent in the industry.
In 2020 Deloitte made a goal to make Canada a safer place. To do that the company has taken actions to help fill the skill gap, through various hiring programs, partnerships with post-secondary, and developing cybersecurity skills base with new individuals not traditionally found in cyber or IT. To help fill the skills gap, Deloitte — a worldwide leader in cyber strategy consulting and cyber intelligence — is inviting professionals from different industry backgrounds to make a career transition.
Existing skills, additional training, and supportive culture ensure successful transition
Lillian Piao, Senior Manager with a cybersecurity team in Deloitte’s Risk Advisory practice, is one of them. With a degree in electrical engineering, she spent six years in the energy sector within the operational technology field. As she reflected on her career path, she realized she was starting to feel a bit repetitive. Shortly thereafter, Justin Fong, a partner in Deloitte’s cybersecurity practice, reached out to her with an opportunity. “I was curious, but I didn’t have a lot of background in the area,” says Piao.
She decided to give it a try, and nearly six years later, Piao is enjoying a rewarding career, supporting clients on large cybersecurity programs to mature their cybersecurity practice. She was able to use some of her prior professional background and industry knowledge to fill her skills gap. The rest she did through additional training, coaching, and certification. Piao credits Deloitte’s open and supportive culture with helping to ease the transition. “It can be really nerve-wracking when you’re starting in an area where you don’t have a lot of knowledge, but my peers and superiors were amazing and made me feel very comfortable,” she says.
One misconception about the cybersecurity profession is that it requires an IT background. This is not the case. “There are many different types of roles and jobs in the field,” says Piao. These range from technical roles in IT to roles in strategy, business development, incident response, and risk management, which require soft skills. Other traits such as analytical and critical thinking and the willingness to build skills through self learning will make this transition a rewarding one. “I’m constantly learning and developing, especially as we evolve our Cyber Target Operating Model.” she says.
A burgeoning industry with high demand for talent
Cybersecurity is a burgeoning industry. A 2018 Deloitte report estimated that 1.8 million cybersecurity jobs would need to be filled by 2022. “There’s still a talent shortage in cybersecurity,” says Piao. “Right now, we have people who’ve been in the industry for many years as well as a lot of new talent just coming out of school, but the real gaps are in the middle, and one way to fill that gap is through career change,” she says.
In being the catalyst for training and nurturing cybersecurity leaders, Deloitte is ensuring a broader cybersecurity talent pool for Canada as a whole, thereby helping to keep Canada safe from cyber threats and bad actors both now and in the future.