Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

Alamy Stock Photo

Ex IBM manager: Pay, political neglect and public indifference all to blame for cyber failings

Paul Farrell retired as IBM Ireland’s General Manager last year but also was an officer in the Irish Defence Forces

A HIGHER BASIC wage for cyber security specialists in the Defence Forces will be needed to compete with multinationals and a major recruitment of reservists, according to the former head of IBM Ireland.

Paul Farrell, who retired as IBM Ireland’s General Manager last year, was a captain in the Irish Defence Forces before joining the international IT firm.

Writing in Signal, the magazine of the Representative Association of Commissioned Officers (RACO), Farrell said that the Defence Forces were competing with a huge amount of multinational firms with a major footprint in Ireland. 

He said that those businesses coupled with local specialist cyber security companies had made Ireland a hugely competitive place for cyber security specialists.

The Journal has previously reported on the work of the Communications Information Services Corps of the Defence Forces during the HSE Cyber attack. During that interview Commandant Frank Hickey spoke of their work and the retention crisis that the unit is suffering.  

Farrell said that the issue of cyber security and, in a broader sense State security, has never been more prominent in the public consciousness in the last 80 years. 

“We are undefended in this domain, through a combination of political neglect and public indifference. 

“This threat landscape and our lack of preparedness is not new – it has been emerging for at least 15 years but it has only received public prominence in Ireland in the last few months,” he said. 

The expert in strategic transformation and cyber security said that Government departments such as the Department of Defence (DOD) and Public Expenditure (DPER) would have to come up with “an imaginative and integrated approach” to attract the best and brightest to prevent future HSE hacks. 

One key area to look at, Farrell said, is the use of reservists and civilians to build capacity to respond to threats. 

At present there is a very active reservist element in the Defence Forces Communications Information Services Corps (CIS) but Farrell said that they would have to be targeted for full time use. 

“An integrated Cyber Defence organisation will need to be staffed with a mixture of permanent military staff, reservists (both voluntary reservists and post contract retired permanent personnel), and civilian staff (both individuals and what I have referred to as reserve industry).

“Very significant changes to the terms and conditions for reservists will be required including employment protection, pay and career prospects. 

“It should also be possible for reservists to re-enter the permanent organisation in a simple and expeditious way,” he added. 

Incentives

Farrell also believes that for permanent staff there needs to be “a very structured career model” with training and other incentives. This, he believes, will keep these highly skilled operators within the Defence Forces. 

The IT expert believes that pay is the critical issue and needs to be addressed as a matter of urgency.

“The median salary for all technology roles in Ireland is just over €73,000, however it is worth noting that tech, and security in particular, is a highly portable skillset and English is the lingua franca (common language) of the industry,” he added. 

As an example of pay at present, members of CIS at sergeant rank receive, before tax, an annual salary close to €49,800. 

This includes €141 so-called “tech pay” which is the highest allowance due to the fact that the technicians will have Level 8 degrees and Level 9 qualifications, such as masters from universities. A sergeants pay, before tax, is €814.37.

Despite this, according to Farrell, it is not anywhere near the €70,000 to €90,000 pay of an IT security Engineer.

For officers, according to RACO, there is a mandatory requirement of a Level 9 qualification to join CIS. 

Farrell said that other grades in civilian companies such as cyber security analyst will have take home pay of €48,000 to €75,000 while a security architect will have annual wages of €70,000 and €100,000. He said the estimates are at the conservative end of the scale.

The former military officer believes it is not an insurmountable hurdle for the Defence Forces to create an attractive workplace for the cyber security technicians if the political will is there to fund it.

Mark Keane of PDFORRA said that the main hurdle to retaining the staff is the greater work-life balance in civilian life and the better pay.

“These specialist are not just working in offices, they are still soldiering and must be deployed overseas and other issues – they are hugely qualified and are looking at well paid 9-5pm Monday to Friday.

They are being offered these jobs where they are not worried about doing other activities such as guard duty on a base or 24 hr duty in that role. They know exactly where they are and there are no emergencies – if there is there is overtime in civilian life.

“We saw their worth during the HSE cyber attack when they essentially put the HSE back on its feet.

“There has to be retention payments in increments and loyalty payments – there needs to be solid ideas and plans in place to keep them in the DF – they are being head hunted and there is more attractive offers. 

“Work practices need to be looked at and if they work unsociable hours they will have to be paid for that – it needs to be a radical change in how they are dealt with,” Keane said. 

Conor King of RACO, who represents the officer ranks, believes that there is a significant problem where some members of the team are paid the extra technical allowance pay but others are not. 

“We have a bizarre situation in our membership where half of our cyber experts are on tech pay, but the other half are not, despite having exactly the same mandatory Level 9 qualification to enter the CIS Corps.

“This is driving them out to jobs in the public and private sector where their skills are valued. 

“The department refuses to sanction their technical allowance payment saying that the organisational structure of the defence forces doesn’t allow for the payment,” he said. 

Readers like you are keeping these stories free for everyone...
A mix of advertising and supporting contributions helps keep paywalls away from valuable information like this article. Over 5,000 readers like you have already stepped up and support us with a monthly payment or a once-off donation.

Close
5 Comments
This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
Leave a Comment
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.

    Leave a commentcancel

     
    JournalTv
    News in 60 seconds