Cybersecurity and Fraud Protection
Attracting Skilled Talent to Cybersecurity
Meagan Ringel, JPMorgan Chase’s Head of Operational Excellence for Cybersecurity Operations, discusses the growing talent gap in hiring for cybersecurity jobs, the need for diversity in the field and how individuals can protect themselves from cyberthreats.
This article was originally published in Commercial Banking’s magazine, Cybersecurity: Making Security Personal.
Meagan Ringel is responsible for establishing standards of performance and executing on opportunities to improve efficiency and effectiveness. Her team helps drive goal and priority alignment across Cybersecurity and Technology Controls stakeholder groups, conducts root cause analysis, monitors performance indicators and implements improvement opportunities. During her 15 years at JPMorgan Chase, Ringel has performed roles in Compliance and Technology, including managing a financial crimes investigative unit and managing the delivery of strategic technology initiatives to support Commodities Trading and Credit Risk within the Investment Bank.
Q: Experts report hundreds of thousands of unfilled cybersecurity jobs and predict that the gap will continue to grow over the next several years. In light of the growing gap between skilled cybersecurity workers and open cybersecurity jobs, how can companies attract qualified talent?
A: The language we use to describe the cybersecurity field can seem very specialized, but the reality is that the skills needed in cybersecurity translate well from several other disciplines—having a business, operations or risk perspective are valuable in problem solving.
My own career path has been varied; I started in software engineering and later moved into a compliance role leading a team of financial crimes investigators focused on anti-money laundering (AML) and terrorist financing. I learned about developing risk-based approaches to defining monitoring rules and investigative procedures. Cybersecurity was a natural progression combining my background in information technology (IT) with financial crimes investigations. To successfully attract talent to cybersecurity, we need to make the industry more relatable and demonstrate that cybersecurity isn’t just about hackers.
Q: In the cybersecurity field, female workers are significantly underrepresented. What challenges discourage women from pursuing the field?
A: Similar to the IT field, cybersecurity lacks diversity in our workforce, and any time there is a lack of diversity in a particular industry, it can become a barrier for anyone who prioritizes working in a field that reflects their own community. People want to work where they know they are valued and respected. The lack of diversity itself is a barrier to entry, which means the industry loses the benefits of broad experience and problem solving that diversity promotes—benefits that are critically important to stay ahead of cybercriminals.
Understanding the root causes underlying the gender gap will help overcome these challenges. Recently, there’s been a lot of progress in our education system, as well as the private and public sectors, to raise awareness about the importance of STEM (science, technology, engineering and math) careers for both men and women.
Personally, I’m fortunate that JPMorgan Chase celebrates diversity, and we continue to lead initiatives to improve our representation of diverse talent.
“...the skills needed in cybersecurity translate well from several other disciplines—having a business, operations or risk perspective are valuable in problem solving.”
Q: How is JPMorgan Chase encouraging diversity in cybersecurity?
A: The firm practices inclusion, continually fostering a community with a shared purpose. Diversity in our leadership helps reflect and represent a broad range of perspectives. They pay it forward with coaching, mentoring, leading by example and ensuring we recruit traditionally and cognitively diverse talent—and we invest in our communities to build a pipeline of future leaders.
Q: What drew you to the field of cybersecurity?
A: Cybersecurity adds a layer of excitement. The importance of the work and understanding what’s at stake makes every day meaningful. The impact of the work of cybersecurity professionals is profoundly valuable and far-reaching. It helps protect the firm, our clients and our national and global infrastructure." to read "It helps protect the firm and our clients, as well as our national and global infrastructure.
Q: The impact of your work in cybersecurity hits close to home too. What are the biggest threats for individuals, and how can they help protect themselves?
A: Social engineering, specifically phishing, is the most common vector of attack against individuals because it is low-cost and particularly effective for cybercriminals, who continuously evolve their schemes to evade detection. All too often I hear from someone whose identity was stolen through a phishing attack. When asked, my advice always starts with a conversation about what’s at risk. Sometimes people are surprised to learn that their mobile phones and even smart home systems expose them to a cyberattack.
To protect themselves, individuals should follow best practices such as:
- Use secure credentials with strong passwords and set up multifactor authentication.
- Practice good cybersecurity hygiene while using devices that are connected to the internet, including smart home devices and mobile phones.
- Protect sensitive information.
- Never connect to unsecured Wi-Fi, especially if banking apps are installed on the device.
- Keep devices and systems updated.
Individuals should always stay informed about cyberschemes and know how to recognize a threat before it becomes an issue.