There's been an increasing demand and an overarching issue with supply of security talent. How are you dealing with that? Any advice for our peers facing the issue?
Sort by:
It starts with a cultural approach/shift to start with first embedding security awareness into the entire organization. The next step is to augment your existing security team with automation + orchestration solutions, often referred to as #DevSecOps
In my humbled experience as people to be choosen for any cyber or security option, we should be honest more than the experience or knowledge we put at the Resume or CV. One thing is sure, if anyone take a call hearing about a challenge but also atractive offer (benefits and flexibility in a global world, and carrer path if exists), I am pretty sure there is a potential deal to be closed. Otherwise, we might be open to work as freelancers or by projects if the need from other external client (Company) fits with all the conditions to be addressed.
The challenge is real, so many candidates post fake CV with no real experience and overrated salary expectations, it's hard and u must verify the relevant technical skills on real life examples
In my experience its key to have a stable leader in InfoSec so as staff leaves/promoted for new opportunities the leader still has the overall vision, processes, goals, culture, and support in place. This allows for a wider range of talent (entry level to senior) that can be plugged into the "system". That said, keeping that leader may still be a challenge as is finding the leader who can do this effectively.
The hiring shortage within the cyber security industry is a symptom, and not the problem.
What we have found with CLAW by CybernetIQ (www.cybernetiq.io) is that the ability to provide a clear picture of the cybersecurity landscape enables senior operators, and harnessing our ML / AI “Reflexes” enables Junior team members to rapidly accelerate their path to becoming an effective strength.
Basically, it's a tool that levels up your existing team instantly, without having to add to headcount.
As a recovering CISSP/ CCNA/ MCSE I know firsthand that cybersecurity is hard--but doesn’t have to be.
What we have discovered with our Attack Surface Analysis platform is that teams that have a clear understanding of their tools are a much more effective force for the enterprise that they manage. Consequently, we can take people off the frontline, give them a solution that makes sense of the security investments, and generate value Day 1, Minute 1. Happy to explore what that might mean for you.