Fewer challenges facing our industry are more pervasive than the cybersecurity talent shortage. It’s an advanced persistent threat of the human variety that impacts nearly every component of an organization’s security strategy. Not enough talent to fill open roles means security vulnerabilities and risks may go unaddressed, while also tasking existing staff with burdensome workloads. This often compounds the talent shortage problem by leading to higher rates of employee burnout and churn.
Several credible studies already validate the size and scope of the cybersecurity talent shortage, but few resources exist to help organizations and hiring managers improve their chances of filling open cybersecurity roles. That’s why Infosec surveyed over 250 IT and security hiring managers in the U.S. to learn what drives their hiring decisions. The study analyzed employer emphasis on candidates’ skills, aptitude, experience, degrees and certifications across three candidate experience levels — and compared their responses to how they assessed their own ability to fill open cybersecurity roles.
Unsurprisingly, nearly all survey respondents (73%) reported challenges filling open cybersecurity positions, yet major differences emerged when the responses from successful hiring managers were compared to those who struggle.
Hiring manager involvement in the recruiting process drives success
Many conversations around cybersecurity hiring challenges focus on the candidates — their credentials, skills and experience — and how deficits in these three areas contribute to the growing skills gap. The 2020 IT & security talent pipeline study looks further up the talent pipeline to explore the strategies and tactics used by organizations and hiring managers recruiting for open roles.
The study found hiring managers who agree or strongly agree their organization is doing a good job recruiting candidates are 113% more likely to recruit their own candidates and 58% more likely to screen their own (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Megan Sawle. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/LZCxowWh2_s/