Skills shortage in cyber security: how to attract the best talents?

All industries all over the world suffer from a lack of valuable security skills. According to the recent report from Frost & Sullivan, there will be more than 1.5 million unfilled positions in the industry by 2020. What are the reasons for that dramatic skills shortage?

The biggest reason is (as in any other industry) that security companies tend to hire staff with traditional education and college degrees in technology fields. But cyber security is a multilateral field and it requires personnel with not only four-year degrees in computer science but highly-motivated staff with varied skills across different industries. Information security must open itself to applicants with nontraditional background, deep varied knowledge and skills and fresh ideas to reverse the current state of affairs.

Today’s cyber crime is a $445 billion business and it is growing daily. Medium-sized business handles a bombardment of 200,000 security events every day and hackers are becoming more and more organized, form groupings, develop their skills and create very sophisticated ways of cyber attacks.

IBM found a solution to this shortage which is to create “new collar” jobs in cyber security. It means that advanced skills, versatile expertise and willingness to learn should be prioritized over university degree and initial work experience. Those people with unrestrained curiosity, strong ethics, deep understanding of risks and passion for problem solving are most needed for the cyber security industry today. These traits can’t be taught in universities in contrast to technical skills which can easily be gained in on-the-job trainings, during the working process and modern college courses and programs.

Some US companies already started to use this approach and quite successfully: 20% of staff hired for security positions since 2015 has consisted of “new collar” specialists. So why don’t other organizations use the same approach? To do that, companies should establish apprenticeship opportunities, explore and use new educational models and systems, support different colleges’ programs and search for staff in unexpected fields such as law, education or retail. Some companies have found staff in those career fields and these staff members were curious about security and motivated to acquire new skills and knowledge.

The center of “new collar” jobs will be the use of the most advanced technologies such as artificial intelligence which is used in cyber security with growing frequency. AI helps not only to overcome skills shortage in the industry but also assist employees in their tasks and companies in protecting themselves.

If your company would like to apply a “new collar” approach to find the best talents, consider the following steps:

1) Continuing education and upskilling

If you are interested in your new talents stay as long as possible in their position, arrange classes, certifications, conferences and educational courses. Keep in mind that cyber security is quickly developing industry and it requires ongoing education. Moreover, always be open for staff from other fields who express a will to make a new career.

2) Reconsider your hiring strategy

You should thoughtfully reconsider your hiring strategies and have a clear vision which skills and expertise you need not only today, but tomorrow as well. With that in mind, build your hiring plans and workforce strategy.

3) Prepare adaptation plan for new employees

To help your new hires gain necessary experience and knowledge, apply mentorship, shadowing and rotational assignments. People new to the industry may not know exactly what they want to do right away. Give your employees freedom to express their ideas and work on all projects in your company that will help them to explore new technologies and services.

4) Explore new opportunities

Stop following those old-fashioned career fairs and recruiting programs. For new talents visit colleges, P-TECH schools and other educational establishments to make your own recruiting base and list of potential employees.

5) Establish contacts with local organizations

Connect with local companies, government organizations and educational institutions and visit local security events and schools to raise interest in cyber security field.

Information security is a very complex and multilayered industry which lacks fresh ideas, great minds and extraordinary curiosity. Try following steps mentioned above and you will have rather more chances to reliably secure your networks and information.

More information and articles on cyber security you can find at our website

Like what you read? Give Falcongaze a round of applause.

From a quick cheer to a standing ovation, clap to show how much you enjoyed this story.