As technology has become fundamental for businesses across almost all sectors and industries to continue to operate the recruitment and retention of tech talent, in particular coders and software engineers, has become a crucial business battleground.
However, many organisations still struggling to find and retain people with these key skills. TechNation, meanwhile, has found that not only does the UK technology sector have a talent shortage, but that it will likely stifle growth.
All businesses need people with digital skills which enable them to build innovative products and solve problems. However, attracting them and allowing them to deliver their full potential requires a stable and secure environment maintained by cybersecurity professionals. According to (ISC)²’s 2021 Cyber Workforce Report, the global cybersecurity workforce needs to grow by 65 per cent to effectively defend organisations’ critical assets – currently, far too many businesses are having to make do without skilled personnel to hand.
Complacency is not an option. Breaches can result in recovery costs, fines, loss of revenue, reputational damage, and more. Given its importance, cybersecurity should not be left to chance; it must be placed in the hands of highly trained and competent people.
Therefore, in an ongoing fight for talent, what can businesses do to bolster their cybersecurity teams?
Minding the skills gap
Cybersecurity can be difficult to recruit for because of the need for ongoing training and round-the-clock vigilance. New technology can make previous cybersecurity systems less relevant, meaning professionals in the sector must stay up to date on the latest trends and innovation. The job also requires people who can remain composed under pressure, a soft skill which is hard to develop, hence attracts a premium, once identified.
Along with the difficulty in recruiting, businesses face challenges in retaining talent and providing continuous training, all of which magnifies the skills shortage. A recent Fortinet report has shown that 52% of leaders believe their employees still lack necessary knowledge. This can lead to dysfunctional teams which are unprepared to handle sophisticated attacks. Adding to the problem is how some employees, who are in fact knowledgeable in these roles, start to feel burnt out due to excessive workload, in part because the burden cannot be shared by others who are less capable.
Every business must take stock of what skills they have within their organisation and where their blind spots and key vulnerabilities might be. Only then, will they be aware of the skills they need to address the shortfall
Further economic storms might see cybercriminals try more sophisticated methods to access information. The Fraud Advisory panel has stated that “the risk of fraud to businesses is at its greatest in times of economic downturn.” For this reason, if the economy continues to face difficulties, it could in turn make for an even more challenging cybersecurity landscape and increase the need for robust and knowledgeable defence teams.
Non-stop learning
With such difficulty recruiting and maintaining staff, one option businesses should consider is training and reskilling programmes for existing staff to help bridge the gap. Current cybersecurity professionals can solidify what they already know and stay up to date on the latest learnings.
Along with cybersecurity professionals, other technology professionals can be trained and recruited into these roles. Technology professionals are likely to have an affinity for the types of skills needed to succeed in cybersecurity.
Non-technical people by background, may still be able to learn what is needed to perform in these roles, especially if businesses are willing to invest and cover the cost of the training. When there is a skills shortage, as is currently the case, and when vacancies outstrip the available talent, organisations need to be prepared to be imaginative in finding solutions.
Alongside this, arming all teams, regardless of their skills and experience, with the right tools and support is essential. Working with knowledgeable and trusted partners can help outsource some of the work and offset any skills gaps as the external partner becomes an extension of the in-house team.
Strong leadership makes good teams
Teamwork is an essential part of working in a business and this is just as true of cybersecurity teams. Due to the constant vigilance required, it helps cybersecurity professionals to know they have people around them, with whom they can share the workload.
There are five fundamental qualities that make every team great: communication, trust, collective responsibility, caring and pride. Everyone individually is important, but it is in coming together that they become unbeatable.
Effective teamwork begins and ends with communication. It does not always occur naturally, but it must be taught and practised in order to bring everyone together as one.
Along with a strong and functional team, a good leader is essential. Cybersecurity teams have stressful jobs, with the whole company looking to them in times of crisis (which can be heighted during economic instability). For this, the cybersecurity team requires a capable leader under pressure to help engender trust across their staff. They must also be able to advocate for the team if some are burnt out or require further training.
Leadership should also look to create initiatives that can support employees with their workload and stress. If cybersecurity professionals are better supported, they are less likely to seek opportunities elsewhere, reducing staff turnover.
The never-ending battle
To maintain growth, businesses need to ensure they continue to work safely and securely, which can only be done with a functional and knowledge cybersecurity team underpinning the organisation. To address the skills gap means identifying creative ways to nurture more talent into those key roles.
Training and reskilling programmes for current and new talent are also non-negotiable investments, both to bridge the skills gaps and ensure organisations remain alert to evolving threats– hackers are always adapting which means defences must too.
And underpinning it all, businesses must also foster a supportive team culture with strong leadership so staff can work successfully without stress or burnout.
Challenges are abundant in a particularly hostile cyber threat landscape meaning now is no time to cut corners or get complacent. By prioritising investment in the right people and resources, both internally and externally, business leaders can at least hope to keep the hackers at bay.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.