Main image of article Cybersecurity, Cloud Skills: Key to Companies’ Digital Transformation

Although the COVID-19 pandemic sped up some aspects of digital transformation—including many companies’ embrace of cloud platforms and remote work—technology is always evolving at a rapid pace. If you’re a technologist (or an aspiring one), you need to stay constantly on top of developments within your specialization, whether cybersecurity, cloud, or machine learning

But what aspects of this digital transformation are companies choosing to embrace? And what skills do you need to take advantage of that? 

Cybersecurity in All Forms

Mike Engels, principal consultant at Chicago-based strategic consulting services firm Netrix, said his clients are focused on using digital transformation projects to support team members who are now mostly working remotely. 

“We’re seeing a lot of traction around Azure identity and access, because one of the results of having these remote workforces is accessing information from remote devices that may or may not be owned by the company,” he explained. “Companies are looking for people with mobile device management, and SSO skills, because those are toolsets that are let team members get secure access.” 

Mobile device management and remote access, in turn, fold into the larger issue of cybersecurity. Indeed, Engels sees cybersecurity as a major stumbling block for companies, which have a growing need for cybersecurity engineers who can configure security components that help with endpoint security, server security, and intrusion detection.

While buzzword technologies such as artificial intelligence and machine learning have been companies’ recent focus, Engels thinks those have gotten pushed to the backseat because of higher-priority items such as cybersecurity, where people are still investing heavily: “While machine learning is still something people are investing in, I’ve seen a lot of people put projects off because they don’t have the budget for it at this time.”

Steve Durbin, managing director of the Information Security Forum, a London-based specialist in cybersecurity and risk management, said his organization continues to see a skills gap when it comes to cybersecurity professionals: “Increasingly, lockdown has driven us all online and the training industry has been somewhat slow to respond with engaging, practical training supported by skilled practitioners who can share their expertise.”

Durbin said apprenticeships and on-the-job learning, backed up with support training packages, are the way to tackle a shortage that is not going to go away. “Organizations can either adopt an attitude that says we will work with the rich skill sets that are available and provide the security components by online training, apprenticeships and practical skills transfer through mentoring schemes or they can sit back and wait for the perfect candidate to come along some time maybe never,” he said. 

The Cloud

Another cloud-related technology where Engels is seeing companies make investments is information governance and rules, which help his clients securely transfer data to the cloud.  

“Changing office dynamics have greatly increased cloud service adoption,” agreed Brendan O’Connor, CEO and co-founder at AppOmni, a San Francisco-based provider of Cloud Security Posture Management (CSPM) for SaaS. “Unlike a well-planned transition from end-point software to the cloud in a space of months or years, organizations had to make the same transition in a matter of weeks.”

Because of the needs related to the pandemic, O’Connor noted, technologists had precious little time to ramp up cloud services as employees shifted to remote work. “This has resulted in a severe shortage of IT staff skilled in various cloud services,” he said. “The rapid shift to the WFH model has also increased the workload across all IT staff.”

Even for technologists well-versed in cloud services, the rapid speed of digital transformation has caught some of them by surprise. In order to handle additional workloads, many have turned to automation and other tools. “With the employee location and devices under constant flux, organizations will rely on the consistency and security of cloud service applications,” O’Connor said. “IT workers should look to the management and security of these SaaS applications as the new skills and technology to embrace.”

Mohit Tiwari, co-founder and CEO at Symmetry Systems, a San Francisco-based provider of data store and object security (DSOS), also noted that, because COVID has accelerated organizations' digital transformation, the ability to set up workloads in the cloud that meet compliance and security needs is in demand. 

“Part of the reason is that the workloads that had resisted moving to cloud were exactly the highly regulated ones, and the forced move out of on-site data centers managed by IT staff is driving up demand for cloud-based compliance and security skills,” he said. 

Tiwari said there are “massive opportunities” in deploying and managing workloads in the cloud, cloud-based security and compliance, as well as learning enough programming or data science to automate domain-specific problems.

These include learning to work with cloud-native identity and access management (IAM), large scale log analysis and alerting techniques, NIST and similar compliance frameworks, and broadly learning to manage infrastructure through structured programs, instead of shell scripts pieced together.

“As networks and application tiers become ephemeral, the most important persistent asset for any enterprise will likely be their own and their customers' data, so data security on the cloud will be a major theme going forward,” he noted.