As part of our “security takes a village” focus, we are exploring how stakeholders other than a dedicated cybersecurity or IT team can help keep your organization secure. In this post, Alyssa Miller, IntelliGO Networks’ Human Resources Manager, discusses a cybersecurity consideration with implications for HR teams: the cybersecurity talent shortage. She outlines how concerns can be overlooked by organizational leaders given the absence of a cybersecurity knowledge center on either team; the difficulty of solving the problem through traditional means (hiring people/training internally); and impacts to KPIs (such as employee churn & satisfaction) in the event of a breach – which can be more likely with the absence of security personnel.
As the person responsible for recruiting our own cybersecurity people, I have experienced this talent shortage firsthand. Working at a cybersecurity company means I hear all the reasons for the shortage when I complain about it: there are more breaches, more news coverage of breaches, and more awareness among company leaders… but I think another reason is that this industry and the skills required to participate in it are constantly changing/evolving, and computer science programs are having a hard time keeping up as a result. More and more schools are offering a dedicated cybersecurity program, but they still aren’t as common as general IT programs with a cybersecurity course or two.
This problem is especially difficult for small to medium-sized businesses working on a budget. Even if you can afford an established professional, how do you assess their qualifications? This is easier for me because I’m always looking for cybersecurity talent. I’m thinking about the HR generalist at a small enterprise, who has never hired for that role before. Would their IT team be able to give them guidance? And, if they were able to, would the business need (Read more...)