As Art Gilliland, CEO of Skyport Systems, assesses cybersecurity in 2016, he sees distinct strengths, weakness and opportunities for the next generation of leaders. The question is: Where will we find these leaders?
For all its hype, the skills gap is very real, Gilliland says, and it's one of the first challenges he discusses with his CISO customers. In a previous role, Gilliland conducted his own study and found that 40 percent of entry-level security jobs were going unfilled. But even more concerning: 60 percent of security leadership roles were open.
"And so if you're looking for a CISO - looking for the people who actually build and drive the policy and train the younger people, that is even more at a [premium]," Gillland says.
There is no one answer to the skills gap ... but Gilliland recommends two approaches: 1) Invest more in education programs to attract and retain more qualified information security pros and leaders. And 2) simplify the technology architecture, so fewer people are required to operate and manage it.
And one piece of advice he offers to the next generation of security leaders: Know your adversary.
"Understand what their motivation is," he says. "Understand what their process is ... and build solutions that either disrupt their motivation or break their process."
In part two of a two-part Executive Sessions interview, Gilliland discusses:
- The threats that concern him most as we head into 2016;
- Where we may find the next-generation of security leaders;
- The cybersecurity leadership we need to see from our 2016 presidential candidates.
In part one of this interview, Gilliland discusses why our fundamental approach to security architecture is flawed - and why he bet his career on fixing it.
Gilliland is a 15-year veteran of the security industry, most recently serving as the senior vice president and general manager for the enterprise security products group at Hewlett Packard. Prior to that he was the senior vice president of information security products for Symantec. Before Symantec, he led the product and marketing teams for instant messaging security start-up, IMlogic, which Symantec acquired. Gilliland holds several patents in security and is a Certified Information Systems Security Professional.