The accelerated rise in cybersecurity attacks has once again pointed towards acute talent shortages within a rapidly growing sector. Bridgett Paradise, Chief People Officer at Tenable, discusses company culture, training and hiring in the midst of a recruitment crisis.
During the pandemic, technology became increasingly incorporated into our daily lives. The way we work has moved from physical offices to hybrid work environments, with almost 60 percent of businesses switching to a work from home model. Unfortunately, this switch has left companies vulnerable as bad actors find new routes into the corporate network. Every industry, whether we are speaking about healthcare, education or retail, has had to adapt to ensure the protection of their employees and customers. In recent research conducted by Forrester, where 426 security leaders and 422 business executives have been surveyed, eight out of ten indicated that their organisations have more exposure to risk today as a result of moving to a remote working model. When discussing Investment, 75 percent of security leaders indicated that they will spend more on vulnerability management and cloud security in the coming years.
In the last 12 months, cybersecurity market revenue has grown to more than £10 billion (US$13.2 billion/€11.99 billion) for the first time, with the sector adding over 6,000 jobs. While the technology skills gap has been a recurring challenge for many years, recent reports suggest that the cybersecurity sector is facing a real crisis. Harvey Nash Group suggests that there has been a shortfall of 10,000 people a year in the UK’s cybersecurity talent pool. According to Microsoft, there are 2.5 million unfilled cybersecurity jobs worldwide.
With the need for businesses to protect themselves against threat actors increasing attacks at lightning speed, organisations need to think of new strategies for acquiring and retaining talent. A flexible working environment, combined with a diverse and healthy company culture, could be the key to helping cybersecurity providers stay ahead of the competition.
A sharp shift in recruiting strategies
The last two years have seen the traditional workplace change dramatically, with many businesses forced to reconsider the way in which they operate. We live in an age where talent is no longer limited by location and the world of hybrid or remote work is more commonplace. When it comes to cyber talent, flexibility in location and adaptability to schedule changes is almost a requirement. Businesses that have embraced a remote working environment have been able to successfully widen their candidate pool considerably and found it advantageous in the battle for talent.
A healthy company culture
With increasingly blurred lines between work and home, company culture is even more important to people when evaluating employment opportunities. Companies that can demonstrate that they take a “people first” approach can often present more interesting and supportive benefits with a particular focus on wellness efforts, increased days off and assistance programs that allow employees to focus on themselves when necessary. At Tenable, through our focus on building a diverse and inclusive environment, we work to ensure that employees feel welcome, challenged and valued and supported throughout their journey. Our culture is built on a foundation of shared goals and purpose and we know through joint accountability we can better serve our customers, partners and communities and deliver meaningful results. Words like “trust”, professional growth and the ability to innovate are baseline requirements in today’s market for job seekers in cyberspace. Creating an environment where staff are empowered, and everyone is treated with fairness and respect is a must when talking about employee retention.
Training is ongoing and at all levels
Companies realise that no candidate is perfect, in terms of experience and expertise. Instead, security leaders should search for prospective employees that share similar values, and compliment those experiences with internal support networks and training opportunities to grow the skill sets within. Whether full-fledged certification programs or professional development skills, employees look to their employers to provide them with growth paths that are meaningful and obtainable. Tuition bursaries and the availability of valuable external training, in addition to internal development programmes, are imperative when aiming to attract new candidates and retain qualified personnel. In addition to the monies to support these requirements, it may also be expected to grant the individual time to complete the necessary coursework. Businesses should also consider building an internal mentorship programme, where mentors and mentees come together to learn from one another. The willingness to invest in their personal and professional growth is now a key requirement for retaining top talent.
Bridging the skills gap in the cybersecurity sector is not an easy task, but companies need to be open to change to progress in their search for talent. In a world of work populated by hybrid environments the focus is, now more than ever, on people and their values, expertise and skills. By making concrete steps towards building a healthy company culture and investing in development opportunities, prospective and existing employees alike can hopefully be won over.