What kind of study background should you have in order to work in information security?
‘To put it simply, you must have training or competence in the areas that your information security work will involve. For example, one of my own tasks is to provide legal support; I have a Master of Laws degree and my competence has been acquired through this,’ Katja Kivivainio explains.
‘Nowadays in Finland, if you are passionate about information security right at the start of your studies, there are study tracks through which you can focus on cyber security. And these are indeed clear paths into information security work. I myself graduated from Laurea University of Applied Sciences, where you can study a degree programme in safety, security and risk management. When I was there, information security studies were all optional – none were yet compulsory. Today, there are more opportunities for information and cyber security studies, even though the emphasis remains on overall security and risk management. In other words, the options for studying information security have increased,’ says Annette Forsell.
To whom would you recommend a career in information security?
‘In short, I would recommend this career for all curious people who are prepared to continuously develop themselves. In this field, you must have an interest in a very wide range of topics, and it is necessary to continuously develop your own expertise in both administrative and technical matters in order to keep up-to-date. Legislation is changing, technology is changing, and the attack methods are changing. It is certainly a positive thing that it doesn’t get boring and you are able to develop all the time and learn new things,’ says Riitta Gröhn.
Katja Kivivainio adds that good problem-solving skills and analytical working methods are a plus in this line of work. Annette Forsell agrees, and also notes that there really is no need to be a black-hooded nerd working in a dark room. ‘There is no one category of people who are suitable for this work. On the contrary, it would be good for us to have a wide range of different people working in information security, people with new ideas and approaches to solving problems,’ she emphasises.
Why do we need more diversity in this field?
‘This field is suitable for so many people. If we are pursuing Finland’s goal to remain a leading country in cyber security well into the future, we need more people to work in the information and cyber security sector. We need diverse expertise, as well as experts from different fields and people who are switching professions,' Riitta Gröhn emphasises.
Annette Forsell notes that, through visiting various information security and cyber security events, she has seen clearly how there are still very few female specialists in the field. ‘At those events, you certainly don’t need to queue for the women’s loo!’ Annette Forsell says with a laugh and continues: ‘Normally, 80–90% of participants at such events are men. In the future, it would be great to see more specialists of different backgrounds, different genders, and different ages in this field,’ she concludes.
Want to hear more about cyber security?
You can also read a student and professor interview on the topic via the link below.