IMI: Leadership in cybersecurity is vital for continued growth

Some experts predict the global market will be worth as much as $403bn (€382bn) by 2027. This highlights to what extent cybercrime has grown over the last five years — and this growth will continue.

However, such exponential growth brings the urgent need for more trained cybersecurity professionals, a challenge often overlooked by those outside the industry. It might be obvious that as organisations become increasingly digital, they leave themselves exposed to newer and more dangerous threats. But what about the people who deal with those threats and safeguard organisations?

Skills and talent shortages, issues with employee retention, and highly skilled technical workers being promoted to leadership roles without the requisite soft skillset or management training are just some of the challenges the cybersecurity industry faces after massive growth.

Ireland as a case study

Take Ireland as a case study. According to the most recent ‘State of the Cyber Security Sector in Ireland’ report from Cyber Ireland, it is estimated that annual cybersecurity related revenue in Ireland reached approximately €2.1bn for 2021, with 489 organisations employing 7,300 people and contributing €1.1bn in Gross Value Added per annum.

Yet 61% of organisations in Ireland have personnel-related issues (ie lack of candidates with the appropriate skill level, competition for staff, lack of non-technical skills, or unaffordable salaries) with a further 10,000 cybersecurity workers needed in Ireland to plug this critical skills gap. 

High-performing employees tend to move after two to three years, while remote work throws up more challenges, with employees getting further away both from physical interaction and from connecting with an organisation’s purpose, mission, and values.

One organisation attempting to meet this challenge is Cyber Ireland, the national cybersecurity cluster organisation bringing industry and academia together.

“We’ve set out a goal to develop a pipeline of homegrown cybersecurity talent in Ireland and have made significant progress over the last four years,” said Eoin Byrne, cluster manager in charge of education outreach for Cyber Ireland.

“Through engaging with four Irish universities, MTU, Technological University Dublin, University College of Dublin, and UL, the Cyber Skills project was created to address this specific industry skills shortages and awarded funding of €8.1m by the Higher Education Authority.”

Mr Byrne’s goal is to “put Ireland on the map” as a cybersecurity leader in Europe, via building the community, developing a cybersecurity talent pipeline, building an R&D ecosystem, and supporting Irish companies to scale and export which includes much-needed investment (although global investment in cybersecurity firms surpassed $20bn, Mr Byrne recently notes that many Irish companies faced issues around securing investment here).

To achieve this mission requires leaders with a skill set that goes beyond technical proficiency — one based around an awareness of a leader’s own leadership style, an ability to become an effective communicator, growth in their emotional intelligence and the skill to cultivate engagement, wellbeing and a culture of psychological safety.

Skills shortage

These skills are sorely lacking in the Irish, European and global cybersecurity landscape. 

Due to talent and skills shortages resulting from the exponential growth of the industry, oftentimes highly skilled technical folk are put into management and leadership positions before they have developed the soft skills required for a management role.

To help develop these skills in cybersecurity leaders and solve the “translation challenge”, Cyber Ireland has partnered with the Irish Management Institute.

“Quite often, technical people speak a language no one else within the organisation understands, but they also struggle to understand business language and how to frame and discuss technical issues within a wider business context,” said Tony Moroney, programme director for the IMI’s Leading in Cyber Security programme.

The big challenge is to marry and translate cyber and general business issues, so everyone is talking about the same things with a view to the same goal, which is making our organisations successful, competitive, relevant and safe.

“Because cybersecurity isn’t ‘just’ a technology issue — it’s a mindset around how we think about technology. It’s a people, board and leadership issue.”

Ireland stands on precipice of becoming a world leader in cybersecurity. With the sector growing at a rate of over 10% per annum, the sector could employ over 17,000 people and create €2.5bn of GVA by 2030 if such growth continues. 

The aim of the project between the IMI and Cyber Ireland will be to develop leaders who can help the cybersecurity sector meet its growth targets by instilling a dynamic, agile, and flexible mindset into teams while navigating a world that is hyper-connected, hyper-disrupted, and where today’s business models may not be relevant tomorrow.

Ben Davern is a research & insights executive with IMI