Winning the Cybersecurity Talent Wars
Savvy recruiting wins in a tight labor market
All month TalaTek is covering critical topics in support of National Cyber Security Awareness Month. Follow us at TalaTek.com or on Twitter.
The Center for Cyber Safety and Education reports a 66% shortfall of information security workers this year, up from 62% in 2015, with a global shortage of 1.8 million workers by 2022. The National Center for Education Statistics tallies that annually 60,000 graduates in computer science and information security enter the workforce – and are quickly snapped up.
Hidebound hiring managers inadvertently sabotage efforts by mandating that candidates have deep backgrounds in technology, with 4-year degrees in computer and information science. Those who only tap their preferred social and professional networks for hires greatly narrow their options, missing out on less conventional candidates who might possess stellar communication and analytical skills, job skills hiring managers indicate matter most, according to the Center for Cyber Safety and Education.
Well-qualified cybersecurity professionals are a staple of integrated risk management programs
Well-qualified cybersecurity professionals are a staple of integrated risk management programs, but the path from novice to expert varies, often dovetailing with complementary fields. Companies attract and cultivate talent through innovative hiring, lateral recruiting, security boot camps, and apprenticeships. Successful initiatives start with a clear plan. Consider the resources below to get started:
- The Center for Cyber Safety and Education’s 2017 Global Information Security Workforce Study (GISWS) benchmarks workforce capacity and response to cyber risk, providing insight into worker shortages and recommended changes in hiring practices.
- The Center for Strategic and International Studies’ (CSIS’s) report “Recruiting and Retaining Cybersecurity Ninjas” outlines factors that can make an organization the employer of choice for highly skilled cybersecurity experts, or what CSIS calls “cybersecurity ninjas.”
- NIST SP 800-181 outlines NIST’s National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, co-developed by government, academia, and the private sector. This reference and lexicon describes cybersecurity work and the necessary skills to strengthen an organization’s cybersecurity posture.
- NIST’s NICE Cybersecurity Workforce Framework Toolkit provides a structure to help leaders plan, build, and advance a cybersecurity workforce.
TalaTek can strengthen your policies and procedures governing your cyber practices, including hiring processes. Leveraging decades of success in attracting and retaining top cybersecurity talent, we can help your organization develop a sound information security strategy, with the right team to support your mission. Contact us at info@talatek.com.
