Cyber industry is in critical need of workers at large, public companies, Lookout CEO says

BY Sydney LakeDecember 01, 2022, 6:27 PM
Jim Dolce, CEO of cybersecurity firm Lookout. (Courtesy of Jim Dolce)

Much like the entire IT landscape, the cybersecurity industry has undergone massive change during the past decade. With more companies and individuals moving their data to cloud services—think: Amazon Web Services, Microsoft Azure, and the like—there’s both a greater demand and challenge in providing adequate cybersecurity services. 

The move to cloud services has put more pressure on large, public companies to get their cybersecurity services in place, Jim Dolce, CEO of cybersecurity firm Lookout, explains to Fortune. The company that was formed 10 years ago during the onset of smartphone usage and was originally developed as a consumer product. But the company has grown to provide cybersecurity services to large enterprise clients. 

“Your security expertise now has to be cloud-oriented and cloud-focused,” Dolce says. “This is probably the biggest transformation in the history of IT as we move from private data centers and move all our applications and our data into the cloud where it is publicly accessible.”

It’s not so easy finding the expertise needed to meet these new cybersecurity challenges. In the U.S. alone, there are more than 700,000 open cybersecurity positions—and the number of cybersecurity attacks is also rising. Companies like Lookout are making concerted efforts to help close the gap. 

About seven years ago, Dolce noticed there weren’t enough engineers who had an interest in cybersecurity—and surely not enough female engineers. The company started a movement to get more female engineers interested in cybersecurity jobs by first inviting 25 software engineers to a recruitment event at the company’s headquarters. Over the years, this initiative, coined Shecurity, grew beyond what the company could manage on its own. Now it’s been syndicated, and there are conferences with thousands of participants each year. These participants have front row seats and access to top cybersecurity partners including Google, Salesforce, Amazon, Microsoft, Autodesk, Netflix, and Pinterest.

“This really shows you that, in a matter of 5, 6, 7 years, interest in cybersecurity has grown dramatically,” Dolce says.

Fortune sat down with Dolce to learn more about the cybersecurity needs at large, public companies and how they can lock down the talent they need.

Why large, public companies need cyber talent

Fortune: What industries are in the most need of cybersecurity services?

Dolce: Cybersecurity has become a focal point for every large business—frankly, for every business—but more so for large businesses and public companies. It has become a board-level discussion. The SEC is actually thinking about requiring a cybersecurity expert on large public company boards. That would be a big initiative on the part of the Securities and Exchange Commission.

It’s confirmation that cybersecurity needs to be front-and-center if you’re a large enterprise—especially if you’re a public business where you’ve got a bigger responsibility to protect shareholders.

What type of cybersecurity talent do large companies need?

The IT industry is transforming in and of itself. We have cybersecurity products and cybersecurity experts. They’re in place to protect your IT systems, secure your data, and protect your data. Companies are moving applications, software, and data from physical private data centers—you know, that closet where you hear the fans whirring—up into the cloud and into cloud services, whether it’s Microsoft Azure, Google, or AWS. 

That is a major transformation that’s happening in IT that is defining the new type of cybersecurity expert. Your security expertise now has to be cloud-oriented and cloud-focused. This is probably the biggest transformation in the history of IT as we move from private data centers and move all our applications and our data into the cloud where it is publicly accessible. The question now is how do we secure it and keep those who aren’t supposed to have access to it out of our private data secure in a cloud environment?

This is creating demand for a new type of cybersecurity expertise. It’s changing the entire landscape of cybersecurity risk management. Now we’re looking for folks who have cloud expertise and understand how the cloud works and how these big cloud providers secure a very different environment than perhaps it was some years ago.

How has the cloud changed the type of cybersecurity talent companies need?

I like to use an analogy when I have discussions like this. I use the castle and moat analogy. You have this big castle, and around there’s this moat with alligators and everything else in it. And you have this drawbridge with a sentry sitting at the gate making sure that the only people that can pass are those that are authorized to pass. That was the old IT model. The castle was the private data center. You would basically build a moat around that castle and you’d have a firewall. Nothing went in and out of the castle—or nothing went in and out of this private data center—unless it passed through the sentry—or it passed through the firewall. That was what was a very secure model. IT folks slept well at night knowing that all of their application software and their data was protected by this moat.

The cloud changed all of that. We basically took all the assets out of the castle and we moved them up into the cloud where they were publicly exposed and anyone could ultimately get access to them. That’s a very different environment to secure. The cloud is a technology that’s very attractive because it’s cost-effective and it’s flexible, but it has a very different cybersecurity profile. It has a different risk profile and that’s creating all kinds of demand for technology products, like the products we offer here at Lookout.

The skills cyber workers need

How can new cybersecurity professionals get the skills they need in the new IT climate?

Lots of colleges—particularly those universities with strong computer science departments—are now offering degrees in cybersecurity. If you are a young person who wants to have a career in cybersecurity, you should go to college and earn a cybersecurity bachelor’s degree, and even a cybersecurity master’s degree.

What advice do you have for professionals entering the cybersecurity industry?

There’s no doubt that cybersecurity is here to stay. It’s a growing industry. If you’re a young person getting out of school in your 20s, you can rest assured that you’ve got a good, strong 40, 50 years of opportunity ahead of you in cybersecurity. Technology is causing a lot of particular trades to go away and demand for talent in certain areas is diminishing because perhaps it’s been taken over. 

The job has been taken over by technology, by a computer, by a robot, whatever it may be. That’s not the case with cybersecurity. Demand for cybersecurity professionals, demand for cybersecurity technology is just starting. It’s going to continue to grow for as far as we can see because technology is going to continue to get more complicated and take on more of a role in our daily lives. More data will be generated. That data needs to be protected. That’s the job of a cybersecurity professional. It’s a career that you’ll be able to flourish in for years to come.

Check out all of Fortune’rankings of degree programs, and learn more about specific career paths.