The challenges of attracting cybersecurity talent and how to deal with them

The cybersecurity industry is at an interesting turning point. We are now approaching three years of remote and hybrid work, and individuals and organizations alike have had to adapt and improve their security infrastructures. And this push for greater security will only increase in 2023 in new and unique ways.

Despite the growing need for advancements in cybersecurity, there is still a global shortage of 3.4 million workers in the field. Of 64% of companies worldwide that have experienced at least one form of cyber-attack, the threat landscape is constantly expanding and those fighting those threats have never been more important. Our cybersecurity workers are the unsung heroes of our generation who deserve more recognition – and to face threats in 2023, we need more.

Provide real hands-on training

Unfortunately, we are beginning to accept the cybersecurity talent gap as an ongoing challenge, and will continue to do so as we struggle to encourage younger generations to take up a cyber-related profession. Cybersecurity education is crucial, and while we see more universities developing cyber courses, it still remains very small compared to the critical challenges organizations face on a daily basis.

For this new generation to be successful, universities need to expand cyber education and provide real hands-on cyber training, not just theoretical training.

Of course, companies must also take such training into their own hands. In 2023 we have to train all employees on how to prevent and minimize cyber risk, because that really is the best way to combat our growing threat landscape. Every person in an organization has a role to play, even if it’s just to raise awareness around phishing emails or avoid unsafe links.

Emphasize cybersecurity work as diverse and exciting

To also minimize cyber workforce turnover, both organizations and universities need to emphasize the uniqueness, impact and benefits of working within the industry. For example, day-to-day cybersecurity tasks are diverse, allowing many different types of people to enjoy this work.

The tasks are also anything but repetitive and employees should never be bored. The role of cybersecurity is constantly changing due to the constant creativity and growing sophistication of attackers, which is an intriguing factor in the job search. Promoting such desirable job qualities will be critical as the industry strives to effectively expand its own workforce to protect against threats.

More importantly, organizations need to better support their cyber teams. Having the right motivated team helps employees feel reassured, empowered and excited about their career. As companies and leaders, we have a responsibility to create safe environments for our people and to communicate this to anyone interested in the field.

Appeal to a variety of individuals

Creating a safe work environment promotes more open conversations in times of burnout and promotes better teamwork. One of the most important KPIs to look for in employee engagement surveys is whether employees are comfortable talking to supervisors: it is the best way to avoid burnout and ensure that employees enjoy their work as this widening talent gap continues.

Whether organized, creative or analytical, the cyber industry can appeal to a variety of individuals. Protecting and responding to ever-changing cybersecurity issues every day is an important job, and this truth should be emphasized throughout the college years and beyond.

Strategically attracting new cyber talent and ensuring workplace cyber teams are fulfilled closes the cybersecurity talent gap and ideally pushes threat actors aside.

Caroline Vignollet is from OneSpan SVP of R&D.