Cybersecurity hiring has become so difficult that managers need to think outside the box if they hope to fill critical positions. Therefore, organizations must redefine positions, change the way they screen candidates and use security training in a cyber range to attract and develop their own talent from within.
In-house Range Facilities Boost Cyber Security Hiring
51 percent of IT and cybersecurity professionals claim their organization has a problematic shortage of cybersecurity skills, according to the ESG annual global survey on the state of IT. Mark Aiello, president of Cyber 360, a staffing firm specializing in finding cybersecurity skill says, “Talent is so scarce that it typically takes eight to 12 months to fill cybersecurity jobs.” This means employers need to adopt new ways of thinking about cybersecurity hiring and retention. The familiar bag of human resources tricks is not going to be enough for your organization to hire and retain the top professionals needed to keep your network safe. Innovative, security conscious enterprises are investing in state-of-the-art cyber range security training and simulation technology to attract promising new talent and develop and retain valuable pros already on their team. Techopedia describes a cyber range as:
“A cyber range is a virtual environment that is used for cyberwarfare training and cybertechnology development. It provides tools that help strengthen the stability, security and performance of cyberinfrastructures and IT systems used by government and military agencies.”
Establishing a cyber range accelerates onboarding on new recruits, keeps the entire SOC team up-to-date on responding to the most menacing emerging threats. A cyber range also allows security professionals to constantly challenge themselves and advance their skills and careers, so they stay on your team for the long term. These types of programs will attract new talent, but will also help retain your experienced team members.
Cybersecurity pros are not born, they are trained
The goal is not to find a ‘perfect’ candidate for the role, because they do not exist. Instead, focus on bringing in fresh talent and retain existing team members by offering a challenging internal cybersecurity training program. Employers need to look for bright, capable people with critical thinking skills, and then develop them. Look for candidates with both technical competencies and good written and oral communication skills, as communication is an important part of cybersecurity operations. Hire new talent with strong problem solving and communication abilities and build technical proficiencies on top of that.
A cyber range can slow churn
One of the most common reasons that any employee leaves a job is because they feel that they are not developing in their current role, they feel bored, frustrated and ‘stuck’. Don’t make the mistake of only looking outside for new talent. The most promising candidates may already be on the payroll. All you need to do is provide a challenging training program to get them qualified fast.
Read our special report on The State of Cybersecurity Talent
Hugh Jones is Regional Director at Cyberbit