Hiring and retaining talented cyber security personnel is a perennial challenge for most organizations. There’s a major crisis in cyber talent and, even if an organization recruits top cyber professionals, there is no guarantee it can retain them. Workforce development can be an important tool in ensuring that the organization has the right people and processes in place when it comes to cybersecurity. Here are three steps organizations can take.
Step 1–Adopt a cybersecurity mindset: It is not enough for cybersecurity to be relegated to a subset of people, as with the IT function. Every employee faces cyberthreats, and talent management for IT and cyber operations should not be combined. By shifting this mindset and developing strategies that reflect these realities, the company’s ability to develop an effective workforce will immediately improve.
Step 2–Develop alternative management strategies: Most cybersecurity professionals are well known for their love of cutting-edge technologies, casual work environments, and creative mindsets. These tendencies might differentiate them from the rest of the workforce in areas such as preferred work environments and career paths. Recruiting, developing, and retaining this unique workforce often requires management strategies that are different than those applied to other employees. Be flexible.
Step 3–Understand work preferences: Cybersecurity professionals also have unique work traits. These traits, or work preferences, make them the perfect candidates to tackle the daily challenges from threat actors around the globe; but they can also separate them from the rest of your organization. Recognizing these work preferences is critical to developing cyber talent management strategies.
For example, organizations can capitalize on employees’ problem-solving skills by allowing them to be a part of strategy, offense, and defense and by fostering a culture that encourages every level of employee to suggest solutions. Companies can also reward employees for forward thinking, provide them with constantly changing tasks with different levels of difficulty, and present opportunities to work with emerging technologies.
Cybersecurity is not just about having the right technology in place; it is also about having the right people and the right mindset. By understanding the unique characteristics of cybersecurity professionals and adapting workforce development, organizations can do a better job of attracting and retaining the people that can keep them protected.
Originally published on: September 5, 2017