5 ways to find the right cybersecurity talent for your company
As the digital transformation of Australian businesses continues, there is a rapidly growing demand for cybersecurity professionals, but the size of the talent pool has barely grown at all.
In recruitment company Hays’ Cyber Security Talent Report, which surveyed over 200 cybersecurity professionals and business leaders, 61% of respondents noted it is ‘difficult’ or ‘very difficult’ to recruit cybersecurity talent, with only one-half believing they were capable of developing and retaining them.
That means modern organisations are facing a real challenge when it comes to putting together the right cyber team. However, there are a few things you can do to improve your cyber recruitment strategy.
Identify your weak spots
This means uncovering the needs and priorities of your organisation, as well as identifying key areas that need specialist cyber talent. You also need to clearly articulate your short term and long term goals, which will help you identify immediate recruitment priorities as well as prepare you for the long haul. It’s essential to think in holistic terms, however. You don’t want to over-hire in one specific area and leave yourself vulnerable in other areas.
Look beyond traditional candidates
Though it makes sense to recruit people from a conventional cyber career path, you shouldn’t close yourself off to potentially great hires just because they bring a different set of experiences to the table. A lot of young cyber workers are skipping traditional degrees and building up key skills through practical experience and project work. Especially in an area as fast-evolving as cybersecurity, focusing on hard skills, adaptability and accomplishment can be more beneficial than getting hung up on which school they went to. The same goes for women candidates, minorities or candidates with overseas experience. These people may have combinations of skills and experience that could be very valuable to your company’s goals.
When putting together a job specification, focus on the skills required (including must-haves and good-to-haves) and the absolute bare minimum in terms of formal qualifications. And remember, skills are only part of the equation. Many skills can be taught to a keen recruit, but it’s hard to compensate for a bad cultural fit. You want to look for evidence of adaptability, enthusiasm, self-learning, personal responsibility and integrity as well as technical aptitude.
Upskill your people
Supporting the development and professional growth of your existing team is one of the most valuable things you can do for building up your company’s cybersecurity posture. Companies that invest in their employees’ professional development see increased loyalty, lower turnover, and benefit from meeting their needs in-house. And given the current talent shortages in the industry, this can be a huge advantage.
Cybersecurity certifications can be an effective route for upskilling your existing IT team. Not only do they allow you to expand your cyber capabilities, but they also provide a path for IT generalists in your company to specialise in cybersecurity.
Given how the way we work is changing rapidly, new candidates are looking for roles that offer more than just a paycheck. While a competitive salary, benefits and positive work culture are important, these are now becoming the baseline. To attract highly sought-after talent, employers need to offer more options to their candidates. Things like a supportive work environment, good work-life balance, remote working, flexi-hours, extended leave, career progression and professional development are highly valued benefits among cyber workers, with some candidates willing to be more flexible on salary if such options were also on the table.
Work flexibility and work-life balance can also widen your potential pool of candidates, as it opens the doors for mature-age students, parents or carers who have a wealth of experience to offer.
Practice what you preach
If we demand adaptability, flexibility and loyalty from our hires, we should be willing to offer them the same. Companies that consistently demonstrate openness, honesty in their day-to-day culture and invest in their employees’ growth, will be rewarded with top-shelf cyber talent that will stand by them through thick and thin.