The well documented cybersecurity talent shortage hits organizations of all sizes. But even if a larger company has the advantage being able to throw more money at candidates with cybersecurity expertise, it may not be sufficient if the work isn’t sexy enough. Regardless, CIOs and CSOs must battle on and reckon with reality.

Three tips offered up in this article:

  1. Start with realistic expectations–take stock of the security culture of your organization: what is the risk tolerance, what are the objectives.
  2. Evaluate managing security with your own paid staff versus hiring an outside partner.
  3. If you choose to manage security on your own, think through the details and create a plan that focuses on specific needs, costs, and how to ensure your A-Team can succeed and develop.

Read the full story here.