Intercast Staffing – April 2022 Newsletter
Welcome to Intercast’s April 2022 newsletter for cybersecurity consultants. As always we’re bringing all the news and views you need to thrive in your career. This month’s rundown:
- ‘Meet The Team’ with Intercast’s Kristofer Faric
- Career breaks losing their stigma!
- A four-day week for cybersecurity?
- And a full news roundup
Meet The Team- Kristofer Faric
For the first of an occasional series, we fired some quick questions at Intercast’s Lead Cybersecurity Recruiter (and former college hockey devotee) Kristofer Faric:
What first attracted or intrigued you about cybersecurity?
If it wasn’t sports, it was always going to be technology. The cyber industry is fast paced and consistently evolving which feeds directly into my desires for a career that was not only challenging but also extremely rewarding.
In addition, cybersecurity is part of our everyday lives. We live in the digital age and recruiting for cybersecurity gives you a greater purpose helping the greater good. At the end of the day, it’s not just a job.
What are the most important qualities for a candidate beyond technical knowledge and ability?
Communication, communication, and more communication!
What are the key differences between recruiting for cybersecurity and other industries?
Cybersecurity is a very niche industry with very niche skill sets. It’s like finding a needle in a haystack. Unlike other industries which may be more consolidated and defined, in Cyber there is so much advancement that you have to be consistently learning and adapting with market needs and trends.
What’s the one thing clients are looking for in candidates that people might not expect?
Personality. This is key. A good conversation goes a long way and can make or break the yes/no decision.
What’s the most surprising thing a client has asked for when searching for a candidate?
“Find me someone with no relevant cybersecurity experience – I can teach that part but you can’t teach soft skills”.
You’ve played your share of hockey – did it teach you any lessons you use today?
It taught me about teamwork, grit and perseverance. Teamwork makes the world go round, grit makes us unstoppable and with perseverance comes success. Nothing is ever easy, so if you get knocked down, get back up and do it again.
We Were On A Break…
LinkedIn is updating its profile settings to normalize taking career breaks. Until now, people with gaps in their employment history had little way to explain the break unless they ticked a “stay-at-home parent” option.
Now they’ll have 13 more options to select, including “career transition”, “voluntary work” and “health and well-being break.” There’ll also be options to flag up a “layoff” or “position eliminated” situation rather than leave would-be employers wondering why they were fired.
Protocol’s Amber Burton notes LinkedIn isn’t just making an administrative change but rather reflecting a growing acceptance that people don’t always favour a linear career history. Having career gaps is no longer a red flag and could even show a more rounded life experience in a candidate.
Four’s Not Fine?
Between burnout fears and the great work-life experiment that COVID-19 forced on many businesses, employers in some locations seem more open to the idea of a reduced work schedule. But can the four-day week really work in cybersecurity?
That’s the question posed by BlackBerry’s Keiron Holyome in Computer Weekly (registration required to view). He acknowledges the simple truth that hackers don’t take days off and points to cases where big attacks are timed for public holidays to increase the chances of a delay before detection.
According to Holyome, the biggest challenge to reducing work schedules in cybersecurity isn’t about getting more work done in fewer hours. Instead, it’s all about better managing the times when staff aren’t actively working and instead are merely on call ready to deal with any problems.
He says the key is better use of automation and AI so that staff are more confident that any breach will be quickly detected, making it easier to enjoy leisure time without worrying that they are leaving a longer window for attackers to exploit any breach.
Best Of The Rest
Finally, here’s your quick-fire round-up of the other cybersecurity stories that caught our eye this month:
- A new social engineering scam uses web contact pages rather than email to make the first move: http://www.techrepublic.com/
article/cybersecurity- attacker-uses-websites- contact-forms-to-spread- bazarloader-malware/
- Google continues to spend big buying up cybersecurity companies – this time splashing out $5 billion: http://www.siliconrepublic.
- Tech brands sign up to a corporate responsible security pledge: http://www.computerweekly.
com/news/252514448/Tech- brands-sign-on-to-HackerOne- responsible-security-drive
- Google Play security vetting fails again as 10,000 Android users downloaded a QR scanner hiding a remote access trojan: http://arstechnica.com/
information-technology/2022/ 03/google-play-app-drops-data- stealing-teabot-rat-on-10000- android-phones/
- Russian demand for virtual private networks (VPNs) is rocketing following the Russian government’s decision to ban social media platforms: http://www.axios.com/vpns-
evading-russias-internet- blockade-c39ee764-391c-4f65- 9d8d-32711eb72675.html
- A new Ontario law confirms businesses can monitor their staff’s online activity at work (including for security reasons) but must tell them what they monitor and why: http://www.blg.com/en/
insights/2022/03/ontario- introduces-electronic- monitoring-legislation