Today’s cyber skills report shows a third of vacancies are hard to fill, which is concerning, but not particularly surprising. It’s hard to find the right people to fill cyber security job roles, there’s no two ways about it. One big piece of recruitment advice for businesses would be to look after your own, as word of mouth and recommendations go a long way. Similarly, if you provide a supportive and interesting environment to work in, then you will encourage more people to join. Recruiting cyber skills is only half the battle; the other half is retaining staff and making sure new recruits are actually effective in their roles. For the former, businesses should look for technologies that can help keep existing security teams interested and engaged, as well as operating more proactively, rather than, for example, constantly responding to security alerts. For new recruits, training that covers the full depth and breadth of the digital risks the business is facing is critical, yet often sporadic. What tools, applications and software does the business use and what would the impact be if one of these suffered an outage or breach? Which third parties do they work with, what level of access do they have? Compounding this, ambitious digital transformation initiatives have created unprecedented challenges, complexities and digital risks that organisations’ security, IT and risk teams must now manage. Robust training will help those employees better understand the business’ digital risk landscape, enabling them to tackle issues faster and ensure they are more effective in the role.  Read Less