Skills shortage in cyber and cloud?
We’ve written on these blog pages before about how technology is changing and the impact that is having on the way businesses operate and the way we live our lives. We’re more mobile, we have the world’s information available to us at the click of a button and our data is stored on interconnected servers spread throughout the world.
It’s pretty amazing when you think about it. But I suspect that many people, and many businesses for that matter, don’t think about it too much. Mobility, the internet, the cloud are all just there when needed.
But with the emergence of new technologies come the requirements for new skillsets. And I think we are facing a potentially damaging shortage in those skills.
A recent report from Computing.co.uk revealed that CIOs believe a lack of staff with the required skills is actually holding back cloud computing adoption. The article quotes Rocco Labellarte, CIO at the Royal Borough of Windsor and Maidenhead, who said he is finding it “bloody hard” to find workers with the right skills to help it shift its applications to the cloud.
On a similar theme, another article on Computing.co.uk found that the UK government’s much-hyped Cyber Security Challenge was failing to have the desired impact. Just one-third of contestants to make the “face 2 face” or “masterclass” stage of the competition have gone on to forge a career in cyber security.
What these and other articles have shown is that the industry is perhaps not doing a very good job of recruiting, training or retraining for the skills that modern IT requires. Cloud computing, software-defined networking and data centres, mobile apps and any other technological innovation you can think of requires new and different skills.
So too does cyber security. We’ve talked a great length on these pages about the changing threat landscape - increased cyber attacks, hacking, DDoS, to name but a few - and that also requires a new skillset. As ComputerWeekly.com points out, the recent Heartbleed incident catapulted the debate about a cyber security skills shortage up the agenda.
This means that businesses are facing up to new challenges without the in-house skills required to take advantage of them or protect themselves from new threats.
There is a huge opportunity here. The skills are needed and at the moment the demand is not being met. Graduates with a keen interest in these fields have a great opportunity to build a fantastic, rewarding career for themselves, if they can obtain and maintain the necessary skills.
The Computer Weekly article I linked to above has some great ideas about the best way of getting those much-needed skills into your business. Also, most technology companies (F5 Networks included, of course) offer training and accreditation courses, often in conjunction with universities. The new F5 Certification program is an interesting one. It aims to certify people with the knowledge to deliver applications, focusing on Layer 7 security, availability and optimisation. This particular skill set is pretty unique in business, largely due to the fact that companies have different teams looking after each area. This separation of skills is causing issues in day-to-day operations and is largely responsible for the need for SDN and reducing the times to change and deploy new applications and services.
What I have seen in the industry is the emergence of a couple of new roles, one being an application delivery architect, someone who has end to end responsibility for the app, including the security, availability etc, someone who can take a high level view of the entire stack and not just “networking” or “compute”.
This is slowly evolving to an even newer and bleeding edge role in the area of DevOps, which is a cross over of development and operations. This is someone who can take a operational view of an app or infrastructure and couple with that the development background to integrate all the separate parts to improve deployment times, orchestrate repetitive tasks and generally improve the overall efficiency of IT in a given organisation. It is taking the mind-set of a developer who embraces change and merging it with operations who typically favour stability and little change.
In this ever changing industry, there will never be a single certification that will encompass everything, there will never be a single role that can do everything but the one constant is change. Things are changing at a pace never seen before and it has caught training and education providers off guard. On top of that, there is no substitute for experience and the most important certification anyone can have is a positive attitude.