Elite CIO Logo

BECOME MEMBER
Back

Cybersecurity Talent for the Future

  • By Elite CIO
  • Date Feb 18, 2019
  • Quotes4

The cybersecurity profession is facing a shortage of qualified talent to fill an increasing demand for positions, as so many reports inform us.

The cyber security profession is facing a shortage of qualified talent to fill an increasing demand for positions, as so many reports inform us.What I find self-fulfilling about our “talent dilemma” is the acknowledged rapid rate of technology change, yet the ongoing quest for specific technical experience and expertise. We seek plug-and-play people to match technology components, rather than individuals with foundation skills and an aptitude and desire to learn changing technology.

As processes and people internal and external to our organizations continually adapt to ongoing technology changes, our profession requires the skills in systems thinking, problem-solving, innovation, and collaboration. Cyber security professionals need strong business proficiency, including communications skills and the ability to manage risk in support of desired business outcomes and risk tolerance levels of organizations. We need work force that reflects the diversity of customers and organizations.

Yet, when we look at job postings for information security positions, we see traditional male-dominant language, a long list of specific technical infrastructure and coding experience, and a preference for technical or information science degrees, particularly computer science. Do those elements yield the applicants with broad skills and perspectives we need, or is that the CV customary for our current homogeneous information security workforce?

The Common trait across the cyber security industry is the absence of a common path to a cyber security career. According to the Cyber security surveys conducted in the year of 2017, the outcome is 19,000 cyber security professionals worldwide, 87 percent of us started in a career path outside of cyber security. Of those, 30 percent came from non-IT, non-engineering backgrounds, including business, marketing, finance, accounting, military and defense.

How do we improve our recruiting – and retention – practices to attract and develop the enduring combination of skills we need for successful cyber security professionals? Follow these five steps as a start:

        1.  Prioritize the top 10 skills – technical and cultural – for a role and limit the job description to those;

        2.  Check for and correct gender bias in the wording of job postings, using a free or commercial tool;

        3.  Use consistent interview questions and skills assessment processes for all applicants;

        4.  Provide ongoing training in both technology and business leadership skills;


Author – Mr. L. K. Tripathy, CGM-IT, Rockman Industries