From Internal Auditor to Cybersecurity Expert?
16 March 2017
As many as 20 billion devices used by businesses and individuals are due to be connected to the internet within the next three years. This growing global network means expanded customer bases and more productivity for some. For others, it’s the perfect opportunity to flex their hacking muscles and secure sensitive information.
If the likes of the CIA and multi-national companies aren’t immune to cyberattacks, who is to say that anyone is safe?
Smartphones, watches, televisions and fitness trackers could be used to hold people to ransom over personal data, cyber security experts have warned. Devices are essentially ‘blocked’ until the person or company agrees to pay a fee for their release. This is done through software that has been named ‘ransomware’. There has been a 3,500% increase in the use of this malware in recent months.
A lot of potentially sensitive information is clearly at risk and traditional anti-virus software simply cannot counter these attacks. Everything from your date of birth to emails; from car alarms to your sort code is up for grabs. This poses an even bigger problem for companies who store a wealth of data.
There is also the issue of ‘phishing’ – where scam emails (or websites) that look perfectly legitimate mean sensitive information is accidentally shared. The need for a sufficient cyber defence force is growing.
The effect of compromised customer and client records, as well as the loss of intellectual property, can cause significant damage to the reputation of a company. For example, after hearing of Talk Talk and Yahoo cyber attacks on the news, how many people left those businesses to use a rival supplier?
Finance is a big area for moving towards a cybersecurity role. The move towards private cloud infrastructure suggests that opportunities are only set to grow for those with Cloud computing and Cloud security expertise – this is underlined by the increase in Cloud Accounting roles on the market.
According to recent research by IT and networking conglomerate, Cisco Systems, there are a currently one million cyber security jobs unfilled. If you already work as an internal auditor, you have some of the fundamental skills required for a career in cyber security because of your ability to assess the effectiveness of an organisation’s internal controls, as well as being able to highlight potential risks.
Banking Apps is just one area that needs individuals who are skilled in understanding the necessary controls to implement to properly identify their vulnerabilities. It would be light work for hackers to empty thousands of bank accounts at once – would you possess the skills to stop it?
The career path from internal auditor to cybersecurity expert seems straightforward. Whilst these positions are still in their early days of development, there are a number of transferable skills between the roles. The first step is to become involved in (or even implement) any cybersecurity schemes that your company has.
Being a cybersecurity expert calls for a blend of strong technical and interpersonal skills. Yes, you might certainly be qualified to expertly read the data, but can you also communicate with non-IT savvy staff about any potential threats?
If you are seriously contemplating making the move into an audit role within cyber security, then you should consider undertaking a professional qualification in subjects such as computer science, information systems or cyber security itself. You can even work towards a certificate in IT Auditing, which neatly blends existing core skills with desirable new ones.
Take the time to learn the basics of auditing computer applications and information systems of varying degrees of difficulty as and when you can.
Cyber security demands continuous education and reading – the very nature of the digitised world is that it is always changing. Hackers and scammers are constantly thinking of new ways to ‘break in to’ websites and systems and often customise their ‘ransomware’ for each separate attack.
Key skills here such as strategic, forward thinking, flexibility and a willingness to keep up to date with the latest developments will prove essential to a good cybersecurity expert. These skills are no doubt already in your possession as an internal auditor.
The risk to businesses is currently marked as “significant and growing” by the National Crime and Security Centre – so the time to move in to such a field is very much now.
More businesses will be looking to bolster their defences by hiring cybersecurity experts in the near future. The Big Four, in particular, will be paying attention to technological developments and hiring accordingly. Therefore, many more cyber security based roles will become available in the near future. Knowledge and expertise will be the key to defeating any potential cyber attacks.
If you would like to discuss your career in the Accountancy and Finance sector, contact our recruiter, Fiona Ashcroft, by clicking here.
Written By Fiona Ashcroft