Cyber Security Isn’t Just ‘Scaremongering’

Cyber Threat Intelligence Manager may sound like something of a foreboding job title, conjuring up images of a scene out of War Games. However, as Andrew Morfill from Vodafone (who holds that very title) explains, cyber security is a serious business that organisations can not afford to ignore.

Andrew, who left the Army in 2013 and now works within Vodafone’s global risk team, discusses why this is a booming industry that will continue to need a committed workforce long into the future.

What is cyber security and intelligence?

Is it tracking hackers? Designing cyber software? Building firewalls to prevent hacking?

There is no definitive definition and cyber security can mean different things to different people. However, it does have strong technical aspects and ‘cyber hygiene’ (ie, building firewalls) is fundamental to the industry.

Within Andrew’s role at Vodafone, the main premise of his work is protecting Vodafone’s assets and, ultimately, its brand.

Andrew says: “Vodafone is the 13th biggest brand in the world and operates in 26 countries. We do not want to be in the papers for data breaches, nor do we want the heavy fines that can come with that.”

He adds: “It can be 260-290 days before a company realises it’s lost valuable information and the implications of that can be huge.”

Which organisations employ cyber security specialists?

79% of you said that banks and other financial institutions are most likely to invest in this but as Andrew points out, as soon as you’ve got something ‘worth stealing’, you need to ensure your cyber security is in place – and this isn’t just ‘scaremongering’.

What are the routes in?

Andrew asserts that a technical background is important. He says: “Don’t bluff if you don’t have that as there are people who live and breathe this work. Even though we’re a technical company the backgrounds of the military community tend to be ‘signals’.”

If you have a skills gap on the technical side, you may need to take a different role while getting to grips with the technicalities. There is also the project management avenue, although you will need qualifications that include CISSP (Certified Information Systems Security Professional) and CISM (Certified Information Security Manager). IT project management is also a good grounding as it gives you exposure to different business elements and excellent networking.

Other qualifications that will help you get in to the industry is ISO, which covers how data is handled, how you can improve on securing your data and how it’s encrypted and stored. This is knowledge that will stand you in very good stead.

Andrew advises using your ELC credits to gain technical qualifications, as going into a technical arena without any technical qualifications will be ‘pretty tough’.

This is a huge growth area with recruitment continuing to rise in the industry.

Andrew says: “Ex-military can add a lot of value, as long as they have some of the relevant skills and experience. It’s a candidate’s market but you will need basic understanding of the industry to ensure you can get a foot in the door.”

Listen to ‘Demystifying Cyber Security’ webinar in full