Wells Fargo’s chief information security officer explains why being well prepared and recruiting a diverse workforce are key to cybersecurity.
Wells Fargo’s chief information security officer explains why being well prepared and recruiting a diverse workforce are key to cybersecurity.
Diversity & Inclusion
April 1, 2016

Key weapons in cybersecurity fight: Preparation and people

Wells Fargo’s chief information security officer explains why being well prepared — and recruiting a diverse workforce — are key to the battle for cybersecurity.

Rich Baich, chief information security officer for Wells Fargo, participated in the International Consortium of Minority Cyber Professionals’ 2016 National Conference of Minority Cybersecurity Professionals. We asked him how cybersecurity professionals can be ready for potential attacks — and why diverse recruiting in the field is so important.

Q: Cyber criminals are good at changing their tactics regularly. How do cybersecurity professionals keep up?

Baich: At a time when cybersecurity breaches are becoming more frequent and significant, organizations need to make cybersecurity capabilities a priority. Ultimately, strong cybersecurity programs help us protect customers, shareholders, confidential information, and our reputation. Even if you have not yet had an occurrence or breach, you must be ready for potential attacks.

Wells Fargo’s chief information security officer explains why being well prepared and recruiting a diverse workforce are key to cybersecurity.
Baich

Cybersecurity professionals need to understand that investing on the front end and focusing on the evolving risk landscape, new technologies, and business processes can help companies prepare for possible attacks. Teams must continue to train for incidents: The more realistic the training, the better prepared the cybersecurity professionals will be to respond. Cyber criminals only have to be right once, while our cyber defenders need to always be vigilant.

Q: In recruiting cybersecurity pros, is there anything that makes working in financial services different from other industries?

Baich: From an industry perspective, there is an extreme shortage of cybersecurity personnel, and this gap continues to widen. When addressing information security, we always talk about three key components: people, processes, and technology. People are the most important component. You can have the greatest technologies in place, but if you don’t have dedicated and knowledgeable team members, it will not help. You have to have the right talent.

Financial services can be a highly targeted market for cybercrime. We know information security professionals choose organizations based on their security reputation and security culture. The better security reputation you have in the industry, the better talent you can attract and retain, which ultimately supports your organization’s culture.

Q: Wells Fargo considers diversity and inclusion a business imperative. How does that translate into your recruiting efforts?

Baich: We know there is a gap in the diversity of cybersecurity professionals across the industry. Leaders at all levels must accept accountability for diversity and inclusion. We must be committed to building a diverse pipeline of talented cybersecurity candidates with representation from all diversity dimensions, while enhancing opportunities in cybersecurity education and employment for women and minorities.

We have to explore new recruiting channels and be open to thinking creatively, actively recruiting these professionals instead of waiting for them to find us. We must take initiative to sponsor valuable conferences hosted by groups like the Executive Women’s Forum and the International Consortium of Minority Cybersecurity Professionals. We must also take it a step further: Once we hire these top-rated candidates, we need to create an environment that allows each team member to feel valued and appreciated. They need to know their efforts matter.

Q: What’s the takeaway from your participation in the National Conference of Minority Cybersecurity Professionals?

Baich: Serving on the Strategic Advisory Board for the International Consortium of Minority Cybersecurity Professionals and participating in its national conference allow me to work alongside my peers as we discuss challenges in providing educational and employment opportunities for underrepresented groups of people globally.

Cybersecurity is one of the most serious national security challenges we face, as well as one of the fastest-growing disciplines worldwide. We must reach out to their communities to support minority education and research to meet this growing demand. We have to begin early in K-12 programs to enhance cyber education efforts and integrate cyber studies into STEM curriculum. This conference provides us the opportunities to work toward sustainable solutions for our future workforce.

Topics: