IBM New Collar Program Recognizes Skills Over Degrees
The cybersecurity skills gap is already vast and increasing every day. The global vacancy rate of cybersecurity professionals will reach 1.8 million by 2022*. IBM is taking a new approach to hiring cybersecurity professionals by recognizing talent and potential in candidates that may not necessarily have pursued the traditional route of a four-year degree. CyberNB spoke to Heather Ricciuto, Academic Outreach Leader of IBM Security and David Jarvis, Security and CIO Lead at the IBM Institute for Business Value to discuss the New Collar approach and how relevant skills and experience can sometimes win over formal education in filling cybersecurity jobs.
CyberNB: Can you give me an overview of your New Collar Initiative?
Ricciuto: Our New Collar Initiative is another way that we at IBM are trying to address the skills gap, not just in cybersecurity, but tech in general. Our New Collar Initiative puts an emphasis on skills rather than degrees. We recognize that not all jobs in tech and cybersecurity require a four-year degree. In addition, we realize not everybody has a four-year degree. Everyone has a different path in life. Sometimes people cannot afford to go to a traditional four-year program, but that does not mean that they do not have the skills. We are now hiring for certain positions from what we call “New Collar Talent”. In other words, there are some entry-level jobs that can be done by people who might have a two-year college diploma, or they may be veterans, and in some cases, self-trained.
CyberNB: What skillset is IBM looking to promote in university graduates?
Jarvis: In a recent study we tried to look at skillsets from a high level. We have five broad areas in our New Collar approach that all good security professionals should have:
- They must be a problem solver, very analytic, methodical and detail-oriented. Since the landscape changes very rapidly and is constantly evolving.
- They must be an explorer in terms of being investigative and enjoying challenges and have an innate understanding of scenarios, risks and what-ifs.
- They must be a student at heart. They must have the desire to constantly learn, develop new techniques, and stay abreast of what is happening.
- They must be a guardian, protective, ethical, reliable, and be able to interpret policies and laws and comply with them.
- They must be a consultant, be able to work with others as well as understand and solve problems with others in a team.
Ricciuto: It depends on the role they want to fill. Some roles in cybersecurity are very technical, while others are not. There is a need for diverse skills in cybersecurity. We need lawyers, policy makers, user interface designers, software developers, salespeople, and many more. There is a role for everyone within the cybersecurity profession.
When students ask me what skills they need, I tell them that we do not just look at their grades and certifications. We look for leadership skills, good communication skills, and an indication that the candidate is well-rounded. If I am looking at a resume, I am looking to see if they have volunteered in their community, if they have held a part-time job while going to school, or if they have demonstrated leadership skills in some way by participating in clubs on campus.
CyberNB: How is IBM addressing the cybersecurity skills gap?
Jarvis: IBM has a huge demand for cybersecurity talent, not only for our own security but the security of our clients and the products and services being developed. We are all in this together, and the more we invest in skills development in cybersecurity, the better it is for everyone It’s really about looking across the entire educational spectrum in terms of what we can do from the university level, the secondary school level, and the primary school level. We are trying to build that pipeline from the beginning because the cybersecurity skills gap is so large. Looking at each stage of the education process is important and IBM is doing that through programming for secondary schools, sponsoring cybersecurity competitions, sponsoring students to go to conferences, CyberDays for Girls, and more.
Ricciuto: There is not one single action that is going to fully address the cybersecurity skills gap, because it is so large and still growing. Through our Academic Initiative, we offer no-charge IBM Security resources to be used for educational and non-commercial research purposes. If you’re looking for a more prescribed approach, we also have the IBM Skills Academy. This program has a number of prescribed curricula for certain career paths. The two security career paths that you would find in the IBM Skills Academy are Security Intelligence Engineer and Application Security Engineer.
We also sponsor a number of conferences, like CyberNB’s CyberSmart Summit, as well as cyber competitions like CyberTitan. We don’t just sponsor, we make sure we have a presence there by sending volunteers to represent IBM. We would typically set up a booth and have a place where competing students can come talk to IBM and learn more about us.
* (Source: 2017 Global Information Security Workforce Study.)
IBM is a key player in New Brunswick’s cybersecurity ecosystem. To learn more about Canada’s Epicentre for Cybersecurity, the CyberSmart Summit – North America’s only Cybersecurity Skills and Workforce Development event, click here