Source: Infosec Island
19 Nov 2018

With limited personnel to manage the rising risk, the difficulty attracting, recruiting and retaining an appropriately skilled workforce has become a significant risk.

Shortfalls in skills and capabilities are manifesting as major security incidents damage organizational performance and reputation. Building tomorrow’s security workforce is essential to address this challenge and deliver robust and long-term security for organizations in the digital age. Filling the skill shortage will require organizations to change their attitude and approach to hiring, training, and participating in collaborative pipeline development efforts. An overly rigid and traditional approach to identifying candidates, coupled with over-stressed and under-staffed work environments, is clearly in need of new tactics and fresh ideas.

Consider, for example, that new research by Cybersecurity Ventures finds that only 20% of the global cybersecurity workforce is comprised of women. On its face, this statistic proves that there are large, untapped pools of talent. Looking deeper, there are lessons to be learned about what organizations must do differently to attract bright prospects from a wider spectrum of education, experience, and expertise. And of course, it goes way beyond gender diversity — organizations must figure out how to recruit effectively from younger and older age groups, underprivileged districts, liberal arts colleges, and other atypical populations.

Organizations that fail to adopt a more creative approach will find themselves dangerously shorthanded in the next few years, as both attacks and defensive measures (e.g. security software platforms, patching and configuration practices, analytics, and machine learning) become more complex.

Read Full Article