If we’ve learned anything in the last 12 months, it’s the importance of online security. Image this, you wake up tomorrow your entire work history stored on your believed-to-be-secure cloud is gone. The stress that builds from a data breach or online loss leading to security issues is immeasurable.
It’s no surprise that quickly you’ll be needing a cybersecurity expert to turn to in a crisis like this… But who will you call? According to Cybersecurity Ventures, there would be 3.5 million unfilled cybersecurity roles by the start of 2021… and now that we’ve reached that date, it is on record that 3.1 million cybersecurity roles went unfilled last year.
With data like that and unemployment rates high, it begs the question, why? Why are these roles not being filled with skilled job seekers? After completing a number of searches for companies seeking security analysts to developers, we’ve broken down three ways we are noting the cybersecurity skill gap could close, even just a bit more!
Companies have unrealistic roles.
When it comes to the skills gap and hiring potential of cyber security, companies often have jobs with unrealistic expectations and a low budget for salaries. Along with these initial challenges, many companies are new in the world of adding a cyber team to their roster and just don’t have the team structure or pathway for success built out yet. What roles are needed? How is the team structure formatted? How many hires will showcase an effort to ensure are most secure?
Company HR teams do not have the industry experience.
Hiring a cybersecurity expert without the knowledge of what all that entails is challenging for even the best HR managers. Add on the pressures that if this hire goes wrong, the companies security is at risk. As with any job interview, an applicant for a cybersecurity position needs to speak knowledgeably about the specific job responsibilities and the field in general. Cybersecurity job interview questions might revolve around one specific task—say, designing firewalls or safeguarding information in certain applications. From how would you defend against a cross-site scripting (XSS) attack? to what does RDP stand for?… the questions you ask are essential to ensuring you’re making the right hire the first time. Does your HR manager know enough about security to make the right hire?
Companies need to alter job requirements.
With the current volume of cybersecurity job openings, companies at some point will have to begin offering flexibility regarding the formal requirements in hiring security professionals. Requirements such as a Bachelor’s degree or Master’s degree in computer science or computer engineering may need to be removed from job descriptions as there a lot of candidates that are missed in hiring because they might have dropped their university degree or they have been focusing on self-study instead of traditional certificates. Hands-on experience and skills in addition to culture should be the main criteria when it comes to cybersecurity hiring.
As work from home for many organizations continues to become a more permanent structure, the need for security professionals on every team will grow. There are people with the needed training and experience and even more so, passion for the industry who can’t find jobs.
What ways have you been able to hire cyber professionals to keep your businesses security top priority?