How to feel more secure

With IT solutions being so mission critical in today’s world, people with computer expertise are understandably often in particularly high demand.

And when the failure of an IT system can potentially result in everything from operational downtime to data loss and even damage to the company’s brand image, those heroes able to keep everything afloat or get everything back in shipshape order when things go wrong should understandably be on the receiving end of voluminous praise and respect. Maybe in a world where cyber threats have become all to common, IT security personnel are the most valued of all. But, where are they? New research suggests that corporate demand for cybersecurity skills is rising faster than internal supply, with innovative thinking needed to plug the gap – both in the acquisition and retention of key talent.

The report by Capgemini’s Digital Transformation Institute highlights an urgent and growing cybersecurity talent gap, calling for new recruitment and retention strategies to help organisations contain cyber risks and build competitive advantage. The report, Cybersecurity Talent: The Big Gap in Cyber Protection, demonstrates that of all the digital skills necessary for organisations with aspirations of digital leadership, cybersecurity represents the biggest gap between demand for those skills and internal supply.

The report surveyed over 1200 senior executives and front-line employees and analysed social media sentiment of more than 8000 cybersecurity employees. Some 68% of organisations reported high demand for cybersecurity skills compared with 61% demanding innovation skills and 64% analytics skills. Demand for these skills was then set against the availability of proficient skills already present in the organisation. This identified a 25 percentage point gap for cybersecurity skills (with 43% availability of proficient skills already present in the organisation), compared to a 13 percentage point gap for analytics (51% already present) and a 21 percentage point gap for innovation (40% already present).

The demand for precious cybersecurity talent is projected to grow over the next 2 to 3 years, with 72% of respondents predicting high demand for cybersecurity in 2020 compared with 68% today. Set against increasing incidents of cyberattacks and the need for organisations to not only protect themselves but also maximise competitive advantage from digitisation, the report recommends a series of tactical priorities for business leaders.

According to the report, the first priority for companies is to assess how well security is integrated across the organisation. What is the culture of cybersecurity outside the team with direct responsibility for keeping data protected? How security-savvy are app developers and network managers? Another priority is to look at the, as yet, unrecognised cybersecurity skills that lie within. Half of all employees are already investing their own resources to develop digital skills, showing an appetite to upskill. Organisations that struggle to recruit externally may be able to uncover candidates with adaptable skillsets who can be trained. Those functions with complementary and transferable skills include network operations, database administration and application development. In addition, companies should look at the requirement to embed security into every service and application and hire business communicators to complement the technical skills in their team. Business analysts and technical marketers could be transferred to cybersecurity roles to enable the company-wide adoption of best practice.

A third priority, states the report, is for organisations to think beyond the normal recruitment strategies and understand the root skills of cybersecurity. Look at traits and skills present in completely different job roles and interview candidates the organisation might not usually consider. Those currently in maths-related roles for example, are often highly skilled at pattern recognition. The final report recommendation looks at retention of talent. In a highly competitive recruitment market, organisations should also look at engagement of existing employees to ensure talent gaps don’t worsen.

The report also reveals that cybersecurity employees value organisations that offer flexible working arrangements, encourage training and prioritise clear and accessible career progression. The recommendations in the report certainly make a lot of sense and have been carefully thought through. With so much at risk from being left exposed on the cybersecurity front, any company with staff concerns of this nature would do well to mull over these credible options.