There is a growing demand for cybersecurity experts, but also a shortage of talent. The analyst firm predicts that the growing gap between available qualified cybersecurity professionals and empty positions will reach 1.8 million.
There is no doubt that the industry is facing a troubling lack of qualified candidates with the necessary fieldwork skills and product expertise. Those who work as security professionals today are under constant pressure, as they need continuous training to keep up with the evolving technologies and the new threat landscape.
The issue of cybersecurity talent is not limited to a few sectors; it runs through a company’s board of directors, through government and through education. And while all of these actors are trying to address the problem, the entire talent supply chain is being hit by this gap.
There is also a shortage of qualified teachers, as many are attracted to the industry by rising salaries. Academic institutions want to meet the needs of the industry, but are struggling to keep up with industry changes and technological advances. In addition, students interested in pursuing the field of cybersecurity are faced with the new definition of a career that has more and more options.
Organizations are looking for many ways to close the talent gap in the short and long term, including new programs at universities, technical and vocational programs, certifications, early education, and government programs. IBM believes that many cybersecurity jobs can be filled through new careers that involve candidates who may not have a traditional college degree, but who have the necessary technical and aptitude skills.
These jobs ‘new collars’, which are precisely jobs that do not require a college degree and that demand skills-based knowledge. Technology is the silver thread that will help create the jobs of the future.
IBM Security has announced an initiative to help address the projected shortage of 1.8 million people in cyber security through programs and partnerships that promote a ‘new talent’ strategy. If a company wants to change the way it addresses the cybersecurity skills gap, it should start building a new approach to jobs.
According to a new study for business value, there are five important points to consider:
Review workforce strategy
Think about the skills that are essential to an organization and use that information to help design clear pathways for the security function, focusing on what skills are needed at each level.
When recruiting candidates, don’t just focus on college degrees as prerequisites. Research found that not all security department employees need four-year degrees. Don’t screen out potentially successful employees before they have a chance to prove themselves and realize that skills can come from a variety of experiences.
Improve engagement and outreach to attract candidates
Expand recruitment efforts and not limit yourself to the pool of universities where the organization has always hired employees. Start with simple things like learning sessions and demonstrations at schools and other educational venues.
Build a local cybersecurity ecosystem
Create new partnerships with regional workforce development organizations, high schools, and technical and vocational schools. Companies can also participate in cybersecurity committees where they can provide certain experiences for instructors to keep their skills fresh and relevant; sponsor cyber teams; and work with high schools and middle schools to generate interest in the field.
Provide a strong support program for new employees
Professionals are challenged to find mentoring time and train their new employees. Using cyber security hiring techniques to help gain experience and learn allows for exploring options and opportunities because not everyone knows what they want to do right away. Keep the commitment by giving new employees creative freedom to work on different projects and explore new technologies and services.
Focus on continuous learning and improving skills
Once an organization has attracted new talent, it is important to retain it. Keep employees involved by providing opportunities for them to continue building skills and learning new ones through classes, certifications and conferences. Cybersecurity is a highly dynamic field, requiring employees in the field to constantly update their skills.
In addition to working with new talent, companies should support the efforts of employees from other departments who want to move into the cybersecurity field. Like new hires, which should not be limited to four-year college graduates, employees in other departments may have the skills and abilities needed to become highly successful cybersecurity employees.