EXECUTIVE SUMMARY:
The cyber security industry is facing a massive talent shortage. As the CISO or CTO of your enterprise, you’re well-aware of the challenge that is finding and retaining high-caliber cyber security talent. Security employees cite continuous burnout, competitive offers and lack of career progression opportunities as reasons for leaving workplace environments.
As a result, security positions are going unfilled for months, security oversight is lacking, and companies are falling behind in providing adequate levels of cyber security training to employees. Further, the lack of skilled personnel is not only placing companies at-risk. It is affecting the job satisfaction levels of existing staff.
The cyber security pipeline remains narrow, and the path to a game-changing talent strategy is complex and ambiguous. How should your organization aim to attract talented, experienced cyber security professionals?
Winning the talent war: Keys to success
1. An accurate job description. In advertising a new cyber security role, getting the job description right is critical. But many organizations leave this to the HR department in entirety. The HR staff always mean well, but don’t always accurately portray the skills required.
More than half of cyber security job candidates say that lack of clarity in a job description suggests that the organization does not understand security. Abstract language and descriptions that do not seem to sync with security needs fail to appeal to candidates.
HR teams need to work closely with existing technical staff in order to accurately convey what the job entails.
2. Tell your story well. Your company’s story must resonate with potential job candidates. Find a unique angle through which to tell your brand’s story, and differentiate your story from that of the competition.
Connect your brand’s story and your IT department’s story to current events (although be sure to avoid potential PR blunders in the process). For instance, has the LastPass issue prompted your organization to pursue a password best-practices overhaul and an SSO initiative?
Remember to keep your story simple, straightforward and engaging. Effective storytelling can help you retain a candidate’s interest in your company and prepare them for an exciting career on your team.
3. Ask the right interview questions. Remember that the interview is a conversation. Avoid getting hung up on number of years of experience, degrees or certifications. Zero-in on individual thinking, mindset, curiosity, and intellect. Listen closely to your candidates and consider providing them with “homework” to have them prove their competencies in relation to a key task demanded of the role.
4. Attractive compensation. Depending on your organization, you may need to increase your budget in order to attract the staff that you need. However, a strong acquisition and retention strategy is built on more than just money. Research shows that 34% of CISOs left their organizations because they felt that they lacked a voice in decision-making. The bottom line is that attractive compensation is key, but so are internal opportunities to really own a piece of the security puzzle.
5. Offer advanced learning opportunities. Retain seasoned cyber security staff by offering periodic role-based learning opportunities. There are incredible high-quality cyber security training resources and programs available across the web.
Vendor-leaders like Check Point have made security knowledge and skill acquisition programs accessible to all. Those who sign up for the Check Point Mind portal can select any of a wide range of cyber security courses and programs that are available via over 200 partners.
Further thoughts
For every problem, there is a solution. The best solutions typically result in high-quality opportunities for individuals with the right skills, training and mindsets. As a technology professional, you have the potential to reorient the cyber security talent crisis and to transition it into a contributing element of your company’s bright future.
We hope that you can achieve the development of the cyber security workforce that will enable you to accomplish your objectives. For more insights into how to resolve the cyber security talent shortage, and how to hire the right talent, please see CyberTalk.org’s corresponding eBook – available here.
Lastly, to receive cutting-edge cyber security news, best practices and resources in your inbox each week, please sign up for the CyberTalk.org newsletter.
