Cybersecurity Talent Challenge
October 13, 2022
After finishing my last blog, “How internships in cybersecurity can help you bridge the talent acquisition gap.” I felt somewhat inspired to continue on this chain of thought. As you probably have already determined, I have a passion for the cybersecurity industry and want to help solve some of the biggest challenges we find. The employee deficit is one of the more considerable challenges, and in this blog, I will look at other avenues that may help uncover the talent you need.
First, I think it’s critical to understand why we face this talent shortage in cybersecurity. The way I solve any big problem is to understand the crux of it and then flesh out how we can resolve it.
We have a massive supply and demand issue that creates what I term the “Cybersecurity Talent Challenge” The fact is, there are not enough skilled professionals to meet this ever-growing demand. The State of Cybersecurity 2022 report released by ISACA shows that this problem is predicted to worsen in the coming years with an aging workforce, the growing complexity of environments, and retention issues arising from burnout.
So, we open a job requisition that is commonly poorly written. While we wait to fill the position, a more significant workload is distributed to our existing employees as we try to do more with less staff. Let’s add the burden of interviewing as well. Now we find ourselves with work burnout if we weren’t already burnt out, to begin with. This results in “the grass is always greener” departures. Faced with the rise of Great Resignation, or just the fact that some other company will offer a higher salary for the same role or a more friendly work environment (flexible hours, remote, etc.). The cycle then repeats itself with more unfilled positions.
How do we succeed in overcoming this challenge? As a start, I have listed three concepts and supporting considerations to address each phase of the Cybersecurity Talent Challenge.
First, let’s address one way to increase retention rates. Many companies are adopting a Diversity Equity and Inclusion (DEI) strategy to engage employees. I think that is great, and some talented individuals are interested in working in such an environment. I will caution that having DEI doesn’t always equate to the actual part I think of as the “staying factor,” which is belonging.
One quote that has always resonated with me on this topic comes from Vernā Myers, VP of Inclusion Strategy at Netflix, “Diversity is being invited to the party; Inclusion is being asked to the dance.” LaFawn Davis, SVP of ESG at Indeed.com, added, “Belonging is knowing all the songs… goes beyond simply being invited to the party; you feel like you belong there.”
Belonging is the glue that makes employees want to stay with your organization, even during hard times, because that is where they belong. This is how we break the cycle of looking elsewhere and seeking greener pastures.
How do you go about creating a sense of belonging?
- Mentorship – Mentorship is crucial to building a corporate environment that fosters belonging. *Pro-tip: consider utilizing the Blue Lava Community platform as your go-to mentoring platform.
- Affinity Groups – Create opportunities for people to connect with folks both in and outside of your department.
- Soft-skills Training – We overlook incorporating training that improves Emotional Intelligence (EQ) in soft skills corporate classes. EQ is fundamental to a sense of belonging as it incorporates relationship management skills and managing our emotions when communicating with others.
Next, let’s address one way to stop the attrition. Do we even know why they are leaving? We can look at statistics and reports and come up with high-level reasons, but at an individual organization level, you must get to the root cause and find out why. The best way to gather this information is through the exit interview process. Remember, your employee has made a very difficult decision, and hopefully, they are open to having a more difficult conversation.
Does your exit interview conclude with you being able to answer these types of questions?
- What was the motivating factor? Were they approached, or did they purposefully seek another opportunity?
- Did they feel we supported them and gave them what they needed to succeed?
- How could we improve?
- Is there anything we could have done to prevent you from leaving our organization?
Finally, let’s review how we can decrease the time it takes to fill a vacant role. Often the job description doesn’t accurately reflect the role, or the experience required, or has gates built in them that prevent talented folks at the entry or mid-level career from applying.
Consider the following when reviewing your job descriptions.
- Identify if there is a senior role that could be split into two entry-level roles. Allowing you to look for candidates with transferable skill sets versus ones with five or more years of experience.
- Don’t require a CISSP. Instead, offer the benefit of supporting obtaining a CISSP in the first two years in the role.
- Review the job description with the former employee in their last two weeks and have someone who has held or does hold a similar role review the description.
I hope you have enjoyed this blog post, please join the conversation on how we can overcome the Cybersecurity Talent Challenge in the Blue Lava Community.