Ian Cornielje, Tergos: “the importance of cybersecurity is still terribly underestimated by organisations”
Because of the current global events, the demand for cybersecurity upgrades has been rapidly increasing in the business sector. It’s safe to assume that only critical situations force companies to take online safety seriously.
Even though the number of companies that integrate solid cybersecurity tools into their systems is continuously growing, there are still numerous cases of data breaches each day. Experts emphasise, that implementing reliable password managers, antivirus software or other consumer-grade tools is only a tiny step toward better cybersecurity in a company.
To find out, what is truly necessary to maintain comprehensive protection around devices and data, we have interviewed Ian Cornielje, the Cybersecurity Recruitment Consultant from Tergos – an IT infrastructure and security staffing company.
I was not working at Tergos when it was founded. But Tergos originated as a “brand” under the organisation Vibe Group. Tergos was created because our founder Diane Kwakman, who is still in charge, saw a need in the market to recruit and mediate cybersecurity specialists in an in-depth way. This will be elaborated more in the next questions.
I am responsible for the recruitment and mediation between interim cybersecurity specialists and client organisations, which is done according to a technical substantive, and in-depth approach. By this, I mean that in our work we consider the technical match and the personal match between the cybersecurity specialist and the client organisation very important.
A concrete example is that every cybersecurity specialist we work with is always first met in person by two Tergos employees. This allows us to map out the technical knowledge and personality of the specialist. Because in addition to the fact that a specialist must have the right knowledge, we also think it is very important that a specialist has a good personal connection and fit with an organisation. We also apply this way of working towards the client organisation. We map out what technical knowledge a cybersecurity specialist should have. But we also want to know what character traits the cybersecurity specialist must have and in what kind of work environment the cybersecurity specialist will be working to establish a good personal fit.
The main challenge I help to solve is to provide our client organisations with the best fitting cybersecurity specialist. And also to offer cybersecurity specialists challenging projects or jobs with which they can expand their knowledge, experience, and network.
A tip for client organisations is not to just look at the CV or certain certifications of the specialist. The adaptability and character of the specialist are often given too little attention.
What is actually important for cybersecurity specialists is to communicate more and listen to their colleagues. Cybersecurity is not a black and white concept where everyone just has to do their tasks. It is more successful when done together in an organisation.
It is fascinating that events in the world directly influence our work. In particular, geopolitical events or software vulnerabilities affect our work the most. For example, due to the situation between Russia and Ukraine, the demand for cybersecurity specialists is increasing much more. Client organisations now pay more attention to cybersecurity than they did before.
Another example was the Log4j vulnerability. As a result, client organisations and cyber security specialists were working around the clock to solve this problem as quickly as possible. It was not the case that the demand for cybersecurity specialists increased because of this, but there was little regard for other issues at the time.
I have a short and simple answer to that. The importance of cybersecurity is still terribly underestimated by organisations. As a result, too little is done within organisations and therefore there is insufficient knowledge and expertise available to solve problems.
In addition to the importance of cybersecurity being underestimated by organisations, it is a misconception that cybersecurity is "finished" at some point. A single penetration test or the one-time purchase of a cybersecurity product is not enough. It is an always ongoing process, after all, malicious parties never sit still either.
Smaller organisations also have to invest in IT solutions. Of course, it must be financially and organisationally possible to implement these kinds of solutions. Certainly, when IT is a critical part of your organisation, which is quickly the case, you must still be able to solve problems. Everyone is at risk from malicious parties or potential vulnerabilities
A simple tip that I can give to everyone, regardless of financial or organisational possibilities is: It all starts with awareness. Keep your passwords safe, be aware of what you are doing, and be alert. It is also crucial that everyone in the organisation must be aware of risks and act accordingly. Anything can be an entry point for malicious parties, both physical and IT-related. A mistake is easily made and not always quickly resolved.
Given the increasing demand for cybersecurity specialists, the future of Tergos looks bright. It is no secret that the demand for cybersecurity specialists exceeds the supply. This makes it more difficult for organisations to find the right cybersecurity specialists. The role of Tergos will only increase to help organisations with this increasing need.
In need of IT Infrastructure or Cyber Security professionals? Tergos gets you to the next step with our extensive network of experts. Read more about our IT staffing and consulting services for organisations.
Want to boost your career? Tergos is the partner that helps you to your next assignment or employer. Read more about the possibilities and find your match.