Can We Solve the Industry's Talent Gap?

Posted: 05/23/2019 - 00:02
We are addressing the issue of attracting and retaining talented individuals with the necessary skills at Infosecurity Europe this year with FutureSec ­ a program of sessions and events focused on the development of people, skills and careers.

Almost a third (30%) of respondents to a recent social media poll said that a lack of skills was the biggest challenge to recruiting information security talent. More than half believe this is putting their business at increased risk of cyber attacks.

Cybersecurity is a demanding profession, and the required skillset is diverse, with a mix of technical and business capabilities needed to effectively support both evolving digital business and legacy systems. Communication, negotiation and leadership skills are increasingly needed to cooperate and engage with the rest of the enterprise.

Multidisciplinary individuals are hardest to find, but they're critical to ensuring that small- to mid-size security functions are well balanced and can meet all the requirements placed upon them, says David Boda, group head of information security at Camelot. In addition to core infosec skills, individuals will have a level of skill in one or more of coding, privacy, data science, DevOps, SysOps or psychology, or have strong business acumen.

Information security also tends to be underrated as a career path. In our poll, around a quarter cited a lack of interest in careers in the industry as a barrier to recruitment, with 46% saying they find it difficult to encourage talent into the sector.

Cybersecurity can make for an interesting and fulfilling career choice. As an industry, we need to work together to implement strategies and initiatives that will inspire and entice the next generation of professionals. Today, however, there remains a gulf in terms of supply and demand, with recent research highlighting that there will be as many as 3.5 million unfilled positions in the industry by 2021.

Paul McKay, senior analyst with Forrester Research Inc, believes we can widen the talent pool by being more inclusive: We're overly focused on recruiting technical graduates. We need to look at those with different backgrounds and target them with specific programs and apprenticeships to allow a vocational route into the industry. We also need to engage under-represented groups including women, who still make up only 11% of the cybersecurity workforce.  This needs to happen in schools, and employers should encourage their employees to support this type of outreach.

The protection of businesses, infrastructure and lives from risks and threats depends on developing a sustainable pipeline of talented professionals. At Infosecurity Europe 2019 there are a number of sessions dedicated to building knowledge and capabilities within the information and cybersecurity community, including Strategy Talks and Tech Talks, the Information Security Exchange, a Women in Cybersecurity event and Security Workshops.

This blog has been edited from an original piece published as part of Infosecurity Europe 2019 Insights:


About The Author

Infosecurity Europe's picture

Infosecurity Europe is Europe’s number one information security event. Featuring over 345 exhibitors, the most diverse range of new products and services, an unrivalled free education programme and 19,505 unique visitors (ABC Audit 2017) from every segment of the industry, it is the most important date in the calendar for information security professionals across Europe.