3 Ways to Tackle the Cybersecurity Shortage

Article main image
Jul 30, 2019

The cybersecurity talent shortage is reaching dangerous heights.  Research by (ISC)2 estimates the global shortage at just under three million positions; 498,000 are in North America. For companies in every industry, this shortage is a source of insurmountable stress. The data and privacy of their customers, employees, and company-wide details are at risk.

It’s time for recruiters to solve this talent shortage by shifting the focus away from external hiring and instead tackle the talent shortage issue internally.

Here’s how talent management leaders can help their companies overcome the cybersecurity skills gap:

1. Define what makes a successful cybersecurity employee

A general interest in cybersecurity isn’t enough to qualify a person for a  cybersecurity role. That’s why managers and supervisors must clearly define the skills and traits of a successful cybersecurity professional. Leaders can then ensure they’re spending training time and money on employees who have the highest chances of success.

Begin by assessing cybersecurity professionals on your team. Identify foundational traits and abilities that promote their success. If you don’t have current cybersecurity employees, assess employees on cognitive abilities and personality traits needed to quickly and effectively learn new technological skills.

Use the assessment data to define clear cybersecurity roles and requirements. The (ISC)2 report reveals that those in the cybersecurity field possess strong soft skills and knowledge of basic cybersecurity concepts. Use a mixture of these traits to build job descriptions. Once these are clearly defined, assess members of your team who show interest and potential.

2. Design hybrid cybersecurity roles

When you combine skills sets that aren’t traditionally found in the same job, you’ve created a “hybrid role.” These non-traditional roles are increasing in popularity as siloed job definitions flex to better adapt to companies’ changing needs. In fact, The Hybrid Job Economy, a recent report by Burning Glass, noted that one in eight job postings are now highly hybridized.

Due to an increased reliance on technology to get jobs done more traditional roles are requiring cybersecurity knowledge. Your head of marketing, for example, needs to protect sensitive marketing and customer data. Hybridizing the role would mean giving them more responsibility and accountability for information security while decreasing the need for a cybersecurity professional in that department.

As you redesign and create hybrid roles, it’s critical that cybersecurity skills training is offered to people in hybrid roles. Verizon, for example, is giving 2,000 employees the opportunity to train in cybersecurity. The course enables employees to move at their own pace as they continue performing current job responsibilities. Adjustable coursework also allows employees to learn only what’s necessary to perform tasks in their new job description.

3. Develop informal apprenticeship opportunities

Apprenticeship programs were once exclusive to blue-collar careers. Now, major tech giants, like Salesforce, IBM, and Amazon, are applying apprenticeship programs to their tech-based roles. These programs are used to train hopeful potentials outside of the organization.

Managers and supervisors can redefine apprenticeship programs to be more fluid and to focus on internal rather than external candidates. Creating an informal apprenticeship program at your company allows you to customize it to the needs of each individual or of each department

If you already have cybersecurity professionals who have in-depth industry knowledge, they could train others. Or you may not have anyone with these specific capabilities, so in this case, you can identify consultants in your external network or partner with companies offering online certifications.

Consider what works best for your team’s needs and current workloads. Be intentional about every part of the process. Decide the structure of their workday and who is involved in overseeing the program. Then, set a specific timeline to give employees guidelines as they enter the program. Lastly, set specific metrics used to measure the success of the program. Use these as you move forward to assess what’s working with the program, what isn’t, and what qualities and skills employees possessed who successfully completed the apprenticeship.