By Edwin Doyle, Global Cyber Security Strategist, Check Point Software.
“Saturated” is often a term heard used when people talk about IT. Having two or even three times more applicants than the number of employment opportunities is not uncommon these days. However, within large industry niches, supply doesn’t always meet demand.
Such is the case with the cyber security.
A statistical look at the industry
Research shows a cyber security talent gap across many countries and at the time of this writing, it includes the U.S. The supply/demand ratio currently sits at 68 percent nationwide, meaning organizations are struggling to fill as much as 32 percent of available employment. Digging into the details for common cyber security needs, we find over 45,800 jobs require a CISM (Certified Information Security Manager) vs. only 19,110 CISM holders. Similarly, nearly 117,000 jobs require a CISSP (Certified Information Systems Security Professional), but there are only 93,591 certificate holders.
If you’re in an emerging field, demand can easily outweigh supply. However, with a career in cyber requiring lengthy certifications, there’s also a need to creatively think out of the box and expand your horizons when hunting for talent. Of course, targeting IT students and professionals makes good sense.
It’s also sensible to search for qualified employees in unexpected places.
Granted, it would be a stroke of luck, per Google legend to find another Eric Schmidt at the Burning Man festival to head your company. There’s no reason to believe you can’t find that diamond in the rough with individuals in other walks of life that are interested in cyber security. It may be that all they need is your help to make them successful in a new career.
Here are some out-of-the-box ways to look for talent in the cyber security space:
Create job descriptions that attract talent instead of fulfilling requirements
Start by looking at what you’re demanding from potential employees and if those demands are realistic. Asking an entry-level professional to have a long list of career qualifications is unrealistic and unnecessary. Review your job descriptions and remove any capabilities that can be easily taught to your potential security-minded employee.
Visit local events and brand them
We have diverse tastes in all aspects of life. At the same time, brand recognition is often stronger in the community that’s heard about you, uses your services, or sees you daily. So, it makes sense to search among the community for potential employees. Whether it’s a music festival or a 5k marathon, having presence in your local market can be useful.
Create a referral program
People love incentives, so why not try it with your recruiting process as well? Give people a commission, gift, or some other incentive to refer talent that successfully gains employment at your organization.
Everyone wants to hire exceptional employees that are not hired by your competitors. Who would have thought that the CEO of one of the world’s largest and most successful digital corporations would be recruited at Burning Man! Getting creative with the hiring process may help you find the right people, even when they’re in short supply.
For detailed insights into the Log4j vulnerability, please join us at the premiere cyber security event of the year – CPX 360 2022. Register here.