We spoke to Jacqueline Kehoe about Ireland’s cyber landscape and how organisations can embrace upskilling.
The manager of cyber skills at Munster Technological University (MTU), Jacqueline Kehoe’s initial exposure to IT and computers while at school, though brief, was enough to instil in her a desire to build a career in the field. As she navigated her own professional journey, she soon had the opportunity to give to others the skills that had aided her.
“I have [had] a long, extremely rewarding career as a software engineer,” Kehoe told SiliconRepublic.com. “I joined MTU eight years ago as a software researcher working on industry projects and when the role to manage an education initiative to create cybersecurity courses arose, it was a great opportunity for me to use my industry technical background to create cybersecurity courses for people in the workplace.”
When it comes to preparing students and professionals for a career in the cybersecurity space, she noted it is important to take stock of the current landscape. Much has changed in recent years, in that prevention, while always crucial, is no longer the sole focus of a company’s efforts to protect itself. Rather, success in cyber begins by making yourself and your organisation adaptable and ready to address problems.
“Cybersecurity has now become a lot more about resilience and the ability to recover from an attack than about prevention. While we still need to put a lot of work into defence, we need to ensure we have a backup in the event of an incident. As they say, the attacker only has to be right once, the defender has to be right all the time.”
Future of cyber
“Almost everyone has been a victim of some kind of attack or scam at this stage. Over the last four years in this sector we have seen an increased awareness of the need for upskilling, which shows the campaigns by the NCSC [National Cyber Security Centre] and others are working.
“Government funding to support further upskilling and campaigns to raise awareness need to continue. The regulations coming in such as NIS2 and DORA are forcing people to build up their skills and their staff skills.”
For professionals skilled in cybersecurity, there are a number of career routes to take, as Kehoe noted. So vital is cybersecurity and awareness to personal and professional safety, almost everyone has a certain level of experience. For the technically proficient, there are opportunities in IT networking, engineering, cloud security, penetration testing, incident response, CISO and more.
For the non-technical, there are equally exciting cybersecurity roles in areas such as risk management, legal, communication and education, to name a few. “The NIST NICE framework defines 52 roles and that is probably not even all of them,” she said.
The current landscape lends itself to a culture of learning and upskilling. According to Kehoe, traditionally the path to a career in cyber involved an IT degree, then a postgraduate or master’s degree in cybersecurity. However, in line with changing ideals around education and career progression, micro-credentials and alternative pathways can offer a unique way to upskill in specific areas, for example in cyber regulations.
“These are delivered online and in the evening to be accessible to people working. Entry requirements are based on appropriate prior experience or knowledge, not qualifications.”
A problem shared
For Kehoe, there is a common misconception around the cybersecurity realm and the skills needed to progress, in that it is still considered a sub-discipline of IT and essentially the IT person’s problem when issues arise.
“Most people think you have to have IT networking skills before you can work in the sector but there are so many soft skills needed. For example, people from the Gardaí [police] who have investigative skills have invaluable skills in investigating cybercrime.”
She predicts that the sector will continue to grow as more appreciation is given to important soft skills such as adaptability, communication and analytics. “We find now we are adding cybersecurity aspects to every domain … We need to keep ahead of the criminals and provide everyone with cyber resilience knowledge to keep Ireland safe.
“We all need to realise cybersecurity is everyone’s responsibility.”
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.