Treating today’s cybersecurity challenges like technical matters is tempting. After all, the perpetrators of cyber attacks such as ransomware launch their assaults in the virtual world. But as we’ve argued many times in this blog space, cybersecurity is more human dilemma than mechanical trial. So, managing cybersecurity is more about managing talent than managing machines.
Therein lies the current crisis: Our nation faces a growing cybersecurity talent gap.
“The cybersecurity talent shortage is widespread, impacting all 50 states” said Matthew Sigelman, chief executive officer at Burning Glass Technologies in a recent CompTIA news release. “In every state, the employed cybersecurity workforce would have to grow by over 50 percent to align with the market average supply and demand ratio.”
CompTIA, the world’s leading technology industry association, and Burning Glass, a leading labor market analytics firm, collaborate to provide Cyberseek™, a free cybersecurity career and workforce resource. And per the latest Cyberseek report on the cybersecurity workforce:
- Across all jobs, there were 6.5 employed workers per opening from April 2017 through March 2018.
- In cybersecurity, there are only 2.5 employed workers per opening.
So, where will your organization find the cybersecurity talent necessary to cope with an era of unprecedented cyber assaults such as data breaches? We see two complementary pipelines:
- Grow Your Own and Focus on Soft Skills -- Many times, when discussing cybersecurity in this blog we underscore the importance of continuous internal education for cultivating a cybersecure organizational culture. In this post, we’re encouraging you to focus this process on developing specific business soft skills that facilitate cybersecurity.
Soft skills, such as creativity, problem-solving and a strong willingness to continuously learn, often are overlooked when business leaders train employees, panelists told attendees at last month’s Wall Street Journal Cybersecurity Executive Forum.
“There’s a lot of people graduating from fine cybersecurity programs but they’re missing that core skill set of problem solving, (having) no fear,” Theresa Payton, former chief information officer of the White House, told the audience.
- Work with a Managed Services Provider (MSP) with Exceptional Soft Skills -- Managed cybersecurity services remain an intensifying imperative for your business. The challenge has two dimensions: You need an MSP with exceptional hard technical skills; and, your MSP must have extraordinary soft business skills to help you not only survive but thrive in today’s digital environment.
Another WSJ panelist, Meerah Rajavel, said the most cybersecure IT pros she knows often have soft skills that outweigh their technical skills. They know how to ask the right questions and solve difficult problems. “Cognitive diversity is more important than anything for a cybersecurity person,” she stressed.
The best cybersecurity professionals are part guardian and part detective. In fact, great MSPs not only monitor and deflect cyberattacks, they study them, parsing techniques and logging where and when attempted incursions happen. The goal, of course, is to solve as many cybersecurity problems as possible before they occur.
Learn more about finding the right MSP to support the continuous learners in your organization in our Managed Services section.