InfoSec-Specific Executive Development for
CISOs and Aspiring Security Leaders.
Live Faculty-led instruction and interactive
labs to build you and your team's InfoSec skills
Cybersecurity threats and breaches have increased in number over the last decade, and a consequence of that is a heavy demand for cybersecurity professionals. However, this demand has not been met by a corresponding supply. In fact, labor market research
from Emsi indicates:
Because of this supply/demand gap, some sectors, like fintechs and healthcare, tend to get very competitive, which compounds the severity of this issue for smaller organizations and other sectors because of their limited resources. In addition, work-from-home,
online schooling and a shift to online shopping as a result of the COVID-19 pandemic have driven the demand for cybersecurity professionals even further.
However, as new talent in cybersecurity continues to enter the marketplace, organizations can deploy several creative strategies to meet the needs of the enterprise and acquire and retain top cybersecurity talent.
READ: How to Structure the Information Security Function
A strong cybersecurity program requires appropriate funding, not just for the tools but also for the talent. We recommend CISOs include a big picture view of the enterprise talent situation in metric-driven briefings to the board of directors that
This visibility provides a level of commitment to the security program from a staffing perspective, particularly from the finance arm of the enterprise. A board sign-off or approval also helps with the almost inevitable downstream staffing or budgeting
An un-empowered security organization will struggle with cybersecurity talent attraction and retention. To raise the stature of the infosec program and help team members feel that they are making a difference consider the following:
READ: Secure Coding Basics for Software Developers
Cybersecurity’s staffing challenges require innovative talent acquisition strategies. To ensure your talent pool is large enough to surface the right people, consider:
READ: The BISO Role: Where Business Meets Security
Talent related to cloud, SaaS, DevOps and SOAR is an extremely hard-to-fill niche of cybersecurity. Many enterprises are rapidly onboarding these innovations, which creates the interesting challenge of how to staff up for their security-related aspects.
Skipping the obvious suggestion of paying top dollar, organizations should consider instead focusing on interesting approaches, such as:
A well-designed information security program and strategy inspires and deeply motivates those who want to do great work and make a profound difference to the fortunes of the company. Examine your strategy with a fine-tooth comb, ensure it aligns with
the needs of the enterprise and push the limits in a way that keeps your top talent engaged, challenged and energized.
Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in
connection with such information, opinions, or advice.
January 20, 2022
By IANS Faculty
How sound is your data governance program? It all starts with the basics. Learn how to establish a solid foundation for your data governance program.
January 18, 2022
Learn how to put a workable data management and governance process in place.
January 13, 2022
Understand how the three lines of defense work and learn how to apply it properly inside your organization.