To make the best cybersecurity products possible, and tackle new and evolving threats, we need to bring fresh and diverse perspectives and experiences to the table
Hiring not just new employees, but the right ones, is incredibly challenging. Hugely resource-intensive, recruitment is far more than filtering through resumes and organising interviews. Many times, organisations fail to deliver the right information to potential prospects, and everyone loses out.
What’s more is that the pandemic has also changed the relationship many have with work. For example, Fifty-two percent 52% of workers found the pandemic made them question the purpose of their day-to-day job, with half changing expectations towards their employer, according to research by Gartner covering over 3,000 employees globally.
And, 65% of the respondents said the situation caused them to shift their attitude towards the value of the aspects of their life outside work. Workforces around the world have developed a new sense of self-awareness and ideas about what they want from their careers, and employers must be willing to accommodate these.
Employees are looking for opportunities where they’ll be able to make a real difference and have a tangible impact. They want flexibility and ways of working that fit around their lifestyles and goals. The cybersecurity and technology industry is extremely well placed to provide that, but first we must break down some preconceptions.
IT has often been represented as something you need strong technical qualifications and a computing or mathematical background to get into. But the reality is there is space for those from much more diverse backgrounds than you might think. To make the best cybersecurity products possible, and tackle new and evolving threats, we need to bring equally fresh and diverse perspectives and experiences to the table.
Rethink How You Hire
If we only recruit from the same small pool of people, or in the likeness of those already in senior positions, we are putting ourselves at a huge disadvantage. With our products impacting broader society, we need to make sure that we have full representation from across society in the development process. Building effective cybersecurity products takes interdisciplinary teams, pulling in experts not just from security, but counter-intelligence, IT and behavioural sciences too. This is the only way we will be able to effectively tackle the endless game of cat-and-mouse between cybercriminals and the security industry, and neutralise threats before they escalate.
But despite incidents every day highlighting how we need better protection against cyberattacks, it is a sector with a huge talent gap. Some 2.72m positions are currently vacant globally, according to figures from (ISC)2’s Cybersecurity Workforce Study. Competition is extremely strong for the best candidates.
Changing Things for the Better
Attracting and retaining that talent means companies need to build the kind of culture and ethos that top employees can picture themselves settling into. Individual team leaders and managers play an important role in developing this, through their management styles and how they provide support and guidance. Ultimately employees not only have to believe in what the company is doing and what they stand for, but also in management’s methods and vision.
Within the cybersecurity industry, we have a clear mission that truly has global impact. Digital infrastructure powers almost every aspect of our society today, which means cyberattacks can have catastrophic consequences. What we develop makes a huge difference in not just protecting businesses, but people’s lives.
People and Purpose
Those cybersecurity companies most successful at attracting top talent will be those who are most effective at establishing a clear link between what employees are doing on the ground, and the real-world positive impacts they’re having. If talented people feel they have space to bring their ideas in and be taken seriously, chances are they’ll be eager to get on board.
Hiring managers need to pay close attention to the roles they’re crafting, instead of overloading jobs with unrealistically broad responsibilities. If there are opportunities to rely on critical and creative thinking within roles, seize those in building job descriptions. Hire for aptitude and attitude, as opposed to overly focusing on technical skills. Of course those will always be important, but cybersecurity careers, and the kinds of candidates that can fulfil them, are about so much more than that.
It’s a well-worn phrase, but an organisation’s people are its greatest asset. The cybersecurity industry can’t rely on technology investment alone to tackle its workforce gap. Building high-performing teams doesn’t happen overnight, but by seeding the right initiatives and thinking critically about recruitment and retention, cybersecurity vendors can put themselves on a path to success.
By Nirav Shah, VP and CTO, Forcepoint India Innovation Center