2021 Top Action Items on Cyber Talent
Add bookmarkWay back in June 2020, Why Is Top Cyber Security Talent In Flight, looked at the myriad reasons behind the availability of top cyber security talent. One reason- cuts. But another reason was a bit more surprising- even in a moment of absolute disruption- provided with a ‘sellers’ market, top talent was moving due to displeasure with the direction of their now former cyber security operations.
At the dawn of 2021, we find a potential next wave of top talent movement. Coming distributed workforce policies include a reworking of base pay due to cost of living adjustments; the elimination of certain geographical habitats due to resiliency vulnerabilities (such as coastal settings); and demands for in-office work when out-of-office work might suffice. Any of these reasons could potentially push top talent to move.
But we’ll look into those points further in Part II. For the time being, here are top action items on cyber security talent as noted by the cyber security community:
Retaining Your Top Cyber Talent
“The most important is retaining that top talent. There are a lot of distractors- a lot of companies are going to tap into your talent. The war is real. That's a key goal for us is to maintain our good talent and to bring in other top talent.”
This speaks to the issue we discovered mid-year 2020. Your top talent will walk no matter the greater geo-political reality. With a thin crop of top cyber security talent available- make sure you do everything in your power to keep the folks that you have through two-way communication on what they appreciate and what they do not appreciate about your cyber security operation. And most importantly- take action on what can be changed.
Retraining Your Top Cyber Talent
“Do we have the right people in the roles? Do we have the right training? How could we control costs in this topsy turvy economy we're in? We're looking at all of the above because we're a lean team and we're thinking about the fact that you can't be the master of everything when you're time-sliced through so many initiatives. We must have our top talent work on business growth initiatives. One key question is how do you scale up and down when talent is short and when disruptions big and small are coming at you quickly?”
Folks not being in the right roles at the right time has adverse effects on the enterprise. The organization doesn’t get optimal output. The talent becomes dispirited. All adding up to a simply less secure company.
Refining Your Top Cyber Talent
“Embrace learning. Stop looking for the unicorn and take on people who have a passion for the industry and teach them the skills. Have that talent incubation and have it as an ongoing thing. Not a one-off, integrated workplace learning as part of a graduate intake, but really focus on developing and providing meaningful work. Also ensuring their development is not just technical, there are some key soft skills that need to be developed and refined.”
Stop looking for the unicorn! If there is a thin crop of top cyber security talent- refine your talent to ensure that they remain best of breed. Ensure your talent is technically well-rounded while developing or enhancing the soft skills associated with the 2021 version of the CISO role.
Battling For New Cyber Talent
“Look at the DC Metro region and you would think there's a bunch of cyber talent around. There is, but when you look at the landscape, you're fighting with the Department of Defense and defense contractors over their talent. Then Amazon says, "Hey, we're going to increase our presence in the Northern Virginia area." And maybe Google might be trying to grow a little bit too. That’s all besides the battle for talent in traditional industry.
The talent pool dries up really quickly. Make sure that you can find the right people, get them through the recruiting process without somebody swiping them in the meantime, get them on board, and train them to do the jobs they came to do as quickly as possible.”
The future is now. When you do find new top talent ready to join- act fast. Whisk them through your onboarding process to ensure that they are embedded as quickly as possible.
Building Your New Cyber Talent
“Look at forming an internship program and targeting educational institutions, as well as non-educational institutions, which represent chronically unrepresented groups of individuals. So that could be something like going to the local America's Job Bank or similar facility where they have a high population of veterans and going and giving a talk and finding people who want to become interns. We really do need to look at increasing the talent pool.”
Ensure your onboarding mindset embraces your top talent throughout their entire career at your organization. Don’t let the learning stop.
Cyber Talent Burnout Bolstering
“If recent studies about burnout and stress levels associated with people who work in cybersecurity are in any way accurate, I think we have to look at having a continuous pipeline of new people who get into the industry because not everybody who gets into this industry stays in this industry as a career.”
As you continue to develop and refine your top talent, do whatever you can to guard against burnout by continuing to add to the team in new and different ways.
Your Cyber Talent Perimeter
Retaining, retraining and refining your top talent all must happen more aggressively as we make our way into 2021. Battling for and building and bolstering against burnout of your new talent must happen too. The argument could be made that the new perimeter to defend is around your talent.