EXECUTIVE SUMMARY:

Companies are desperate for cyber security professionals. The cyber threat landscape has shifted, and the risks to organizations’ critical business processes, systems and data are increasing. The future is perhaps more foreboding than ever before.

Remaining agile and defeating aggressive attacks without sufficient personnel often feels futile. How can your organization attract and retain cyber security staff, both now and across the next decade? Take a page out of these Fortune 500 firms’ playbooks.

Statistics

  •  We’ll need to increase talent by about 41% in the U.S. and 89% worldwide to meet the needs of our digitally transforming society.
  • By 2025, there will be 3.5 million cyber security vacancies worldwide, reflecting a 350% increase over an eight year period.
  • In 2022, across a 6 month timeframe, ransomware variants doubled, meaning that we must reinforce security prevention and detection efforts.

Fortune 500 insights

1. Dell has two words for you – “Secure workforce.” At Dell, the ethos is that employees need to be vigilant. “Security is everyone’s job,” says Chief Security Officer, John Scimone. “Over the last year, we’ve seen thousands of real phishing attacks that were spotted and stopped as a result of our employees seeing them first and reporting them to us.”

“[All interventions should run] against the backdrop of an organizational culture where every team member knows they have a role to play.” Employees must know what to do (VPN, securing the home network, traveling securely) and understand that adhering to cyber security best practices is really a job requirement.

2. Oracle suggests a new approach to hiring. Relax hiring standards by considering non-traditional candidates – However, be sure to provide improved and increased training. This approach yields the added benefit that is increasing diversity in the field.

A former theater professional could be transformed into an exceptional red-teamer. After all, who better to think on their feet than an actor? The right mindset, combined with foundational training and the development of the right skillset can add cyber security value to your organization.

3. IBM is tackling the talent shortage with new and expanded partnerships. In May of 2022, IBM announced education partnerships with the U.S. Department of Veterans Affairs, along with six historically Black colleges and universities (HBCUs) to offer no-cost job training. Within this program, IBM will offer a Security Learning Academy portal, including courses that will help universities enhance cyber security education portfolios. Students will also be able to benefit from the IBM Security Command Center, through which they can experience realistic, simulated cyber attacks, which will help prepare them for real-world scenarios.

IBM intends to provide 30 million people with career-ready skills by 2030, some of whom will join the company in the field of cyber security. Others will work for any of tens of thousands of employers – possibly yours.

Further thoughts

By addressing the cyber security skills shortage, your organization will also address issues like poor product integration, overabundance of security alerts, burnout and attrition. It’s about more than just cyber security alone.

Take action now. Create a new cyber talent acquisition and management system today. For more insights, please see CyberTalk.org’s past coverage.

Get Check Point CISO Jonathan Fischbein’s perspective! Read CyberTalk.org’s e-Book entitled A Guide to Closing The Cyber Security Talent Gap.

RELATED ARTICLESMORE FROM AUTHOR