Technology has become vital for businesses across most sectors and industries to continue to operate.
As a result, it has become crucial for businesses to recruit and retain tech talent, like software engineers and coders. Research from TechNation, has shown that not only does the UK technology sector have a talent shortage, but that it will likely stifle growth.
All businesses need talent with digital skills that can build innovative products and solve problems. However, without a stable and secure environment maintained by cybersecurity professionals, businesses won’t be able to attract the talent needed to deliver their full potential. According to (ISC)²’s 2021 Cyber Workforce Report, the global cybersecurity workforce needs to grow by 65 per cent to effectively defend organisations’ critical assets – currently, far too many businesses are having to make do without skilled personnel to hand.
With such statistics, organisations cannot afford to be lax with security. Breaches can result in recovery costs, fines, loss of revenue, reputational damage, and more. Given its importance, cybersecurity should not be left to chance; it must be placed in the hands of highly trained and competent people.
Therefore, in an ongoing fight for talent, what can businesses do to bolster their cybersecurity teams?
Understanding the cybersecurity skills gap
Cybersecurity can be difficult to recruit for because of the constant need for training and vigilance. New technology can make previous cybersecurity systems less relevant, therefore professionals in the sector must remain up to date on the latest trends and innovation. The job also requires people who can remain composed under pressure, a soft skill which is hard to develop, hence attracts a premium, once identified.
Along with the difficulty in recruiting, business face challenges in retaining talent and providing continuous training, all of which is adding to the skills shortage. Recent Fortinet report has shown that 52% of leaders believe their employees still lack necessary knowledge. This can lead to dysfunctional teams which are unprepared to handle sophisticated attacks. Adding to the problem is how some employees, who are in fact knowledgeable in these roles, start to feel burnt out due to excessive workload, in part because the burden cannot be shared by others who are less capable.
Every business must take stock of what skills they have within their organisation and where their blind spots and key vulnerabilities might be. Only then, will they be aware of the skills they need to address the shortfall
Further economic storms might see cybercriminals try more sophisticated methods to access information. The Fraud Advisory panel has stated that “the risk of fraud to businesses is at its greatest in times of economic downturn.” For this reason, if the economy continues to face difficulties, it could in turn make for an even more challenging cybersecurity landscape and increase the need for robust and knowledgeable defence teams.
The importance of training and reskilling
With such difficulty recruiting and maintaining staff, one option businesses should consider is training and reskilling programmes for existing staff to help bridge the gap. Current cybersecurity professionals can solidify what they already know and stay up to date on the latest learnings.
Along with cybersecurity professionals, other technology professionals can be trained and recruited into these roles. Technology professionals are likely to have an affinity for the types of skills needed to succeed in cybersecurity.
Non-technical people by background, may still be able to learn what is needed to perform in these roles, especially if businesses are willing to invest and cover the cost of the training. When there is a skills shortage, as is currently the case, and when vacancies outstrip the available talent, organisations need to be prepared to be imaginative in finding solutions.
Alongside this, arming all teams, regardless of their skills and experience, with the right tools and support is essential. Working with knowledgeable and trusted partners can help outsource some of the work and offset any skills gaps as the external partner becomes an extension of the in-house team.
The value of strong leadership and a good team
Teamwork is an essential part of working in a business and this is just as true of cybersecurity teams. Due to the constant vigilance required, it helps cybersecurity professionals to know they have people around them, with whom they can share the workload.
There are five fundamental qualities that make every team great: communication, trust, collective responsibility, caring and pride. Everyone individually is important, but it is in coming together that they become unbeatable.
Effective teamwork begins and ends with communication. It does not always occur naturally, but it must be taught and practised in order to bring everyone together as one.
Along with a strong and functional team, a good leader is essential. Cybersecurity teams have stressful jobs, with the whole company looking to them in times of crisis (which can be heighted during economic instability). For this, the cybersecurity team requires a capable leader under pressure to help engender trust across their staff. They must also be able to advocate for the team if some are burnt out or require further training.
Leadership should also look to create initiatives that can support employees with their workload and stress. If cybersecurity professionals are better supported, they are less likely to seek opportunities elsewhere, reducing staff turnover.
The ongoing struggle
For businesses to grow, they must be able to work safely and securely. This can only be done with a functional and knowledge cybersecurity team underpinning the organisation. To address the cybersecurity skills gap business must find ways to recruit more staff and nurture more talent into those roles.
By investing in training and reskilling programmes for current and new talent businesses can both to bridge the skills gaps and remain alert to evolving threats. Businesses must also foster a supportive team culture with strong leadership so staff can work successfully without stress or burnout.
Unfortunately, hackers are always adapting so organisations must evolve their defences as well. While no organisation can ever be 100% secure, they cannot afford to be complacent. By prioritising investment in the right talent, organisations can work in a safe virtual environment that enables them to create innovative products and services.
About the Author
David Spillane is Systems Engineering Director at Fortinet. Fortinet makes possible a digital world that we can always trust through its mission to protect people, devices,and data everywhere. This is why the world’s largest enterprises, service providers, and governmentorganizations choose Fortinet to securely accelerate their digital journey.
Featured image: ©SasinParaksa