InfoSec-Specific Executive Development for
CISOs and Aspiring Security Leaders.
Live Faculty-led instruction and interactive
labs to build you and your team's InfoSec skills
Cybersecurity threats and breaches have increased in number over the last decade, and a consequence of that is a heavy demand for cybersecurity professionals. However, this demand has not been met by a corresponding supply. In fact, labor market research
from Emsi indicates:
Because of this supply/demand gap, some sectors, like fintechs and healthcare, tend to get very competitive, which compounds the severity of this issue for smaller organizations and other sectors because of their limited resources. In addition, work-from-home,
online schooling and a shift to online shopping as a result of the COVID-19 pandemic have driven the demand for cybersecurity professionals even further.
However, as new talent in cybersecurity continues to enter the marketplace, organizations can deploy several creative strategies to meet the needs of the enterprise and acquire and retain top cybersecurity talent.
READ: How to Structure the Information Security Function
A strong cybersecurity program requires appropriate funding, not just for the tools but also for the talent. We recommend CISOs include a big picture view of the enterprise talent situation in metric-driven briefings to the board of directors that
This visibility provides a level of commitment to the security program from a staffing perspective, particularly from the finance arm of the enterprise. A board sign-off or approval also helps with the almost inevitable downstream staffing or budgeting
An un-empowered security organization will struggle with cybersecurity talent attraction and retention. To raise the stature of the infosec program and help team members feel that they are making a difference consider the following:
READ: Secure Coding Basics for Software Developers
Cybersecurity’s staffing challenges require innovative talent acquisition strategies. To ensure your talent pool is large enough to surface the right people, consider:
READ: The BISO Role: Where Business Meets Security
Talent related to cloud, SaaS, DevOps and SOAR is an extremely hard-to-fill niche of cybersecurity. Many enterprises are rapidly onboarding these innovations, which creates the interesting challenge of how to staff up for their security-related aspects.
Skipping the obvious suggestion of paying top dollar, organizations should consider instead focusing on interesting approaches, such as:
A well-designed information security program and strategy inspires and deeply motivates those who want to do great work and make a profound difference to the fortunes of the company. Examine your strategy with a fine-tooth comb, ensure it aligns with
the needs of the enterprise and push the limits in a way that keeps your top talent engaged, challenged and energized.
Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in
connection with such information, opinions, or advice.
September 29, 2022
By IANS Faculty
Understand the integration points between information security and enterprise architecture. Find guidance for functional organizational constructs to maintain a solid EA practice.
September 27, 2022
By IANS Research
Learn how to ensure full cyber insurance policy coverage and find 5 tips to help maximize your potential cyber insurance claims.
September 22, 2022
Find information on cyber insurance coverage types along with best practices to choose a cyber insurance carrier and policy for optimal security coverage.