According to the Capgemini survey, the demand for cybersecurity talent will intensify in the next 2-3 years
Developing digital skills is probably the biggest impediment to the adoption of new technologies in enterprises. The same holds true for finding and retaining cybersecurity talent. According to a recent Capgemini survey titled ‘Cybersecurity Talent: The Big Gap in Cyber Protection', over half (55%) of companies say that the digital talent gap is widening and cybersecurity skills rank first in both demand and in talent gap. Organizations, according to the survey, must have two priorities:
- Improve the retention of cybersecurity talent
- Step up the acquisition of cybersecurity talent
The demand for cybersecurity talent is not likely to diminish in the next few years. The survey highlights that 68% of organizations acknowledge demand for cybersecurity talent is high in their organization today and will intensify in the next 2-3 years.
The survey highlights that India and the US have the largest (16%) cybersecurity talent pool, followed by the UK and France. Among industries, insurance has the highest proportion of cybersecurity talent followed by banking and consumer products. According to the survey, 80% of cybersecurity talent prefer to have the flexibility to choose their own training programs and training calendar. 66% also prefer learning through a massive open online course (MOOC) than their organization’s training programs.
A lot of large organizations in the industry today are developing this talent pipeline using bug bounty programs. The survey highlights that every four in five cybersecurity employees want to join a firm that uses innovative hiring practices. Tech firms, such as Apple, Facebook, Google, Microsoft, and Intel, and companies outside the industry use bug bounty programs - a way of rewarding individuals for reporting security bugs, and using this approach as a recruitment opportunity.
Gamification is another approach that is being used for hiring cybersecurity talent. For instance, a non-profit organization, Cyber Security Challenge UK, conducts yearly gaming competitions to recruit cybersecurity talent. The rewards for winners range from prizes to job opportunities. Similarly, Marriott International has deployed a recruiting game that is specifically targeted at millennial employees.
The third approach used by organizations is anchor hiring—recruiting experts in an area to attract more talent from that area—to attract digital talent. Employees want to join firms with charismatic leaders. According to the survey, Over half (58%) of employers we surveyed say they believe hiring senior executives, such as CISOs (Chief Information Security Officers) can bring new talent along with them.
The survey recommends four steps that organizations can take in order to retain cybersecurity talent.
1. Incentivize employees to upgrade their cybersecurity quotient.
2. Promote gender inclusion by changing the perception of the cybersecurity field.
3. Ensure Gen Y and Gen Z cybersecurity talent can visualize their career path.
4. Automate the mundane tasks to free up cybersecurity talent’s time to focus on value-adding activities.
The survey highlights that the implications of a cyber breach for organizations are potentially devastating. But organizations are struggling with a shortage of cybersecurity talent and the problem is certainly not going away. The survey suggests adoption of methods, such as acquisition, training, and retention strategies that will appeal to cybersecurity talent, organizations can take an important step in upgrading their cyber protection for the current and emerging risks of our connected world.