What can your business do to close the cybersecurity skills gap?

The threat to the cyber-landscape continues to evolve at a rapid pace. High-profile data breaches demonstrate not only the huge financial cost of being attacked, but also the considerable reputational damage. With hackers constantly moving the goal posts, cybersecurity is one of the top issues that keeps board directors awake at night.

Having the best cybersecurity skills to navigate the digital age safely has never been more important, yet the industry is facing a global shortage with 1.5 million unfilled roles predicted by 2020, according to Forbes. It’s easy to assume the people simply don’t exist, but while that may be true in some instances, what is actually fuelling the skills shortage is a lack of understanding around the skills required.

Our global team is dedicated to finding the best people in the security market for our customers and placing them in the right role. At Computer Futures we take the time to educate employers on how to write job descriptions, provide them with key market analysis and help them create environments that increase retention. Here are a few tips for business risk and cybersecurity employers to help address the skills gap.

  1. Validate job descriptions against your peers 

Job descriptions for cybersecurity roles often seek people that tick every box covering both technical and non-technical skills, but you’ll rarely find that in one person. By validating and benchmarking job descriptions against the rest of the market, including looking at competitors’ websites and job boards, employers can gain a better understanding of what they need and what they can realistically get.

2. Be flexible and offer progression

Companies should first look internally to see if there are existing employees who can be trained in cybersecurity. Most large organisations have considerable IT teams where many of the skills are transferable to cybersecurity roles and people in other departments may be interested too. You may identify loyal people who already know the business and culture, and contract resources are often valuable too.

Attracting the best people also means offering strong career progression from the outset, both in terms of training and future career opportunities. People desire employers that invest in their development and they want to be able to see their growth trajectory. Offering a training budget and involving security in business decisions will go far in both attracting good people and retaining their skills in the long term.

3. Truly care about security

One of the main things people want to know about the companies we recruit for is how seriously they take security. They don’t want to feel like a side piece to the rest of the business or part of a tick-box exercise for compliance. It’s their reputation at risk as well if the organisation is breached, so they often gauge the company’s attitude to security by asking what part of the business security reports into or whether it is sponsored at executive level. Proving you care about cybersecurity will no doubt attract better people.

We all have a responsibility to help alleviate the skills gap and it’s a core part of our company purpose in bringing skilled people together to build the future. At Computer Futures we’re proud to run a series of events and awareness initiatives as part of our Secure Futures campaign. We’re hoping it will have a positive impact, and the programme truly marks our commitment to educating people on exciting cybersecurity careers and increasing diversity within the industry.

For more information on Secure Futures or how we can help your business please email Peter at p.kelly@computerfutures.com or visit computerfutures.com