The cybersecurity sector is growing, driven by an exponential increase in digital services and business transformation. The ramifications in terms of recruitment are considerable: there are 350,000 job vacancies in Europe. To understand this skills challenge within the European cybersecurity sector, Elisabeth Fonteix (Orange Group Director of Learning & Development) and Angus McMichael (Orange Cyberdefense Global HR Director) share their vision with us.
Worldwide, there are currently more than 3.5 million cybersecurity vacancies, including 350,000 in Europe. In France too, companies are struggling to find candidates while the sector is set to double its needs to reach 75,000 jobs by 2025.
How do you explain this talent shortage in the European cyberdefense sector?
Elisabeth Fonteix : We are indeed talking about the need for companies and authorities to recruit several million professionals worldwide. Undoubtedly, security is a strategic future sector with high recruitment needs because digital activities and cyber-protection go hand in hand. As more companies switch to digital, and more administrations switch to digital services, the more prevalent the cases of cybercrime.
Angus McMichael : It is true that in our sector, needs are directly linked to the huge increase in digital uses. In two years, since the start of the pandemic, this demand has only increased. However, on the supply side, schools and universities are not training enough young professionals and there are not enough senior experts. As a result, the talent shortage affects all countries, players, and professions.
Are American companies – particularly the GAFAM – also affected by this talent shortage?
E.F. : The job market primarily benefits cybersecurity experts. On the business side, many companies including the GAFAM are trying to recruit them by offering high salaries, but all digital players are in the same boat. Beyond this sector, banks also recruit many tech profiles, as well as the automotive industry, which is focused on autonomous vehicle development. Manufacturers are also going through digital transformation and therefore require cybersecurity experts. They’re purchasing technology but they also require talent.
A.M. : While the GAFAM have taken advantage of Silicon Valley’s prestige, salaries and attractiveness, the perception of these web giants has been changing in recent years. They are no longer as appealing as before, and some candidates are switching to European players.
Skills development is a key commitment. When someone joins us at Orange Cyberdefense, they know that we will invest in their training.
More precisely, what are Orange Cyberdefense and the Orange group doing to attract more experts?
E.F. : The same as with all our recruitments in technical professions, several key elements come into play: long-term career development prospects, assignments on innovative projects… We also differentiate in terms of the working conditions we offer, leaving ample room for autonomy and responsibility. Without forgetting that despite its rapid growth, Orange Cyberdefense is still a close-knit and friendly community.
A.M. : Skills development is a key commitment. When someone joins us at Orange Cyberdefense, they know that we will invest in their training. They know they will benefit from added-value career prospects, whether in terms of operational excellence or managerial development if they so wish. This makes it possible to offer young candidates more choice over their career. A technician can evolve and become an engineer. A pentester (or ethical hacker) can become an IS security manager, architect, or consultant within Orange Cyberdefense or elsewhere in the Group. With this in mind, we promote international mobility through operational missions. For example, a technician from our Security Operations Center (SOC) in London can join the SOC in Malmö in Sweden for six months to offer their expertise and develop their own skills, or a cybercrime analyst in Paris can do a voluntary international placement in Montreal or Singapore to experience life abroad.
Is there a typical skillset you’re looking for at Orange Cyberdefense?
E.F. : We’re recruiting for both engineering and technician roles as well as analysts. Candidates must be specialized in cybersecurity or have completed general training with an option in cybersecurity. For more “business” profiles, some management schools are also starting to offer “digital security” oriented courses. In any case, motivation, the willingness to share expertise and the ability to work in an agile way are essential.
A.M. : In 2021, Orange Cyberdefense recruited more than 650 people in all cybersecurity domains. Pentesters and cyber technicians are highly sought after. These are technical roles, but what stands out are the candidate’s soft skills which have now become essential. The pandemic has shown how autonomy is essential for succeeding in our sector. We’re also looking for sales architects, who are less technical and more able to offer customers the cybersecurity services they need.
What resources are available to Orange group employees to increase their skills in the field of cybersecurity?
E.F. : At Orange, cybersecurity has become a strategic issue, resulting in the opening of Orange Campus Cybersecurity in 2019, which is a training offer for all Group employees made up of more than 3,000 modules, ranging from awareness to the more advanced courses. In 2021, 26,000 employees were trained on the subject. Since 2020, our Apprentice Training Center (CFA) in France has also offered students a Cybersecurity Engineer training course and placement, for example within Orange Cyberdefense in one of our Group’s expert teams.
A.M. : At Orange Cyberdefense, 75% of our 2,500 cybersecurity experts receive training every year. In 2021, we launched an MSc with the University of Dublin for our English-speaking colleagues. At an international level, we have a hundred employees currently in training to fulfil the needs of Orange Cyberdefense, Orange Business Services and Orange Middle East Africa. At the same time, we have set up a business community dedicated to cybersecurity. This channel enables experts to discuss topics internally, access training, and identify talent at Group level, anywhere in the world.
We work in partnership with several programs such as Women in Tech, which actively promotes female success stories in tech and cybersecurity.
Globally, only 11% of cybersecurity experts are women. How are you increasing female representation within teams at Orange Cyberdefense?
E.F. : We’re also proactively recruiting women. For example, our last two Orange CFA cohorts included 25% women apprentices. We also need to change the public’s view of digital and cybersecurity professions, which is why we act upstream, by encouraging girls to choose technical subjects and careers. We work in partnership with several programs such as Women in Tech, which actively promotes female success stories in tech and cybersecurity.
A.M. : Increasing female representation in cybersecurity is essential to address the talent shortage. Today at Orange Cyberdefense, 13% of our workforce in technical professions is female (20% all functions combined). We’re committed to improving gender equality, but the issue is industry-wide, as it is still very male dominated.
What would you say to a candidate to make them want to join Orange Cyberdefense?
E.F. : Joining Orange Cyberdefense means joining the leading European player with all the added value interest and opportunities that implies for a young candidate. It also means joining a friendly and close-knit company backed by a large international group.
AM : On a European scale, we will exceed €1 billion in revenue next year and we aim to strengthen our organic growth and presence in Europe. Joining Orange Cyberdefense means being part of a dynamic organization that’s going places.
- Cyber threats: scale and scope of the French State
- Sovereignty, trust, and competitiveness: the end goal for public-private cyberdefense cooperation
- What do you do in the event of a cyberattack? AFNOR shares its experience
- Cybersecurity: a booming market in Europe
- Suzan: “We need to spread the word that there are many great benefits for women in cybersecurity”
- Cybersecurity in business: each player in the value chain must cooperate
- Cyber protection: three things you should do in the office and at home