Connect with us
Our website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Technology

Strategies for Resolving the Cybersecurity Talent Gap

Strategies for Resolving the Cybersecurity Talent Gap 1

By Vanya Ivbule, Vice President with Kingsley Gate Partners

Cybercrime is on the increase. In the first half of 2021, 635 Suspicious Activity Reports relating to ransomware were notified to the Financial Crimes Enforcement Network bureau by financial institutions in the US. This compared with 487 for the whole of 2020. And the total value of ransomware-related transactions over the same period was $590 million (median average payment $102,273), compared with $416 million for all of 2020.

This is not just a problem for financial services in the US, either, as the recent State of Ransomware in Financial Services 2021 report, by British security software and hardware company Sophos, shows. Its independent survey of 550 IT decision makers in financial services highlights the extent and impact of ransomware attacks on mid-sized finance organizations worldwide during 2020. Overall, 34% of the financial services organizations surveyed were hit by ransomware in 2020, with the attackers succeeded in encrypting the organisation’s data in just over half of those cases.

The cybersecurity workforce gap

Clearly, financial services firms are among the most popular targets for ransomware attacks. As a result, and given their importance in the global economy, it is vital that they are able to recruit and retain, the necessary expertise to meet their cybersecurity needs.

However, a major challenge for financial services sector is the shortage of cyber security professionals as highlighted in a recent major workforce study by IT security non-profit (ISC)²  which states that in 2020 there was a global cybersecurity workforce gap of 2.7 million employees. And, two-thirds (60%) of participants worked for organizations experiencing staffing shortages that placed their organisation at risk. There were some 500,000 open cyber security jobs in the US alone this autumn, for example. 

Some strategies for attracting cybersecurity talent

While there is no simple solution to this shortage of specialist skills, here are some examples of strategies that can help firms solve their cybersecurity hiring issues and better protect themselves from costly cyber threats:

Hiring outside the box. Look beyond the obvious sources of cyber talent. Candidates who have exposure to cyber, such as IT or Cloud SaaS, should be considered from outside the immediate industry. Or individuals with a non-traditional education in cyber, such as CISSP (Certified Information Security Systems Professional) and ISACA certifications that are holistic and helpful for senior leadership and management positions. Equally, it is possible to hire on attitude and culture from non-technical functions such as marketing and finance, then train necessary skills. In the (ISC)² workforce study, for example, participants identified ‘strong problem-solving abilities’ (38%) and ‘curiosity and eagerness to learn’ (32%) as some of the most important skills for new entrants.

On the move? Another tactic is to identify reluctant relocaters. For example, individuals asked to relocate from the City to Europe post-Brexit may be more open to opportunities in the cyber industry. Equally, individuals who are post-IPO lockup and looking for their next career challenge may be good candidates. While M&A activity generally, such as the ongoing IHS Markit-S&P Global merger, is also a potential source of recruits. 

Adequate compensation. Talent retention is essential in such a highly competitive area. For a start, firms should ensure executive compensation plans are in line with the market and, if not, consider revising. It may be necessary to introduce new components, such as LTI’s or additional equity for top performers, to increase engagement and mitigate employee churn. As a guideline, the (ISC)² workforce report revealed an average salary before taxes of US $90,900 for cybersecurity professionals globally in 2021, up from US $69,000 in 2019.

A flexible approach. Financial compensation is only part of the picture. Firms may also need to re-evaluate and revise company perks in order to create a secure and attractive environment for cybersecurity professionals. A good example is the demand for more flexible working conditions which was identified in the (ISC)² study as the second most important factor when it comes to investing in people and closing the talent gap. With some financial services majors spearheading a return to the office, it may create an opportunity for hiring companies offering employees the option of hybrid-working.

Use diversity to increase the talent pool. Finally, organizations should put in place diversity and inclusion policies to help address gaps and attract talent. This was another key takeaway from the (ISC)² study which also noted that cybersecurity professionals are not only aware of how DEI can contribute to solving the skills gap, but they also expect their employers to act on issues such as diversity, equity, and inclusion initiatives.


Author Bio:

Vanya Ivbule is a Vice President with Kingsley Gate Partners, a global retained executive search firm, and heads up the EMEA Cyber Security Practice in London. Vanya specialises in supporting PE backed portfolio companies on go to market strategy, scaling and transformation as they prepare for acquisition or IPO.

Global Banking and Finance Review Awards Nominations 2022
2022 Awards now open. Click Here to Nominate

Advertisement

Newsletters with Secrets & Analysis. Subscribe Now