Hacking the shortage in cybersecurity talent

Source – Shutterstock

Hacking the shortage in cybersecurity talent

Article written by Jonathan Tan, Managing Director, Asia, Trellix

It is no secret that the pandemic has served as a catalyst in many ways, accelerating the need for top tech talent as companies double down on digitalization. In this war for talent, though, the cybersecurity industry falls short.

The cybersecurity industry has seen an acute talent crunch for years now – a result of its perennial struggle with attracting and retaining qualified employees. Coupled with the challenging nature of security operations, resources have been stretched over the past couple of years – inflicting further strain on an already taxed cybersecurity workforce, and undermining digital transformation in Asia.

A recent study by Trellix found that many cybersecurity professionals across the globe feel frustrated by the limited support for skills development, in addition to a lack of recognition for the good they do for society. Even more notably, a third of the current workforce plans to change professions in the future, clearly indicating that the Great Resignation wave has yet to peak for the cybersecurity industry.

The spotlight then shines on organizations in the field, with a question raised – will they be able to draw the top talent they need so they can digitize without placing themselves within the radar of malicious hackers?

The workforce of today wants meaningful work

Jonathan Tan, Managing Director, Asia at Trellix

Jonathan Tan, Managing Director, Asia at Trellix

Dominating many headlines today is the shift in employee expectations as a result of the job market’s transformation, with young tech professionals quitting their jobs in search of more soulful work. Ultimately, people are now seeking jobs where they can use their skills and talents constructively for a greater purpose.

A career in cybersecurity is thus a double-edged sword – it can be impactful and rewarding, yet also extremely challenging and demanding.

Employees in the SecOps field deal with a constant stream of alarms, so it’s no wonder cybersecurity is often perceived to be a high-stakes, high-stress industry. Furthermore, with their tech stack dispersed across many tools, identifying attacks across vectors can become an uphill task for cybersecurity professionals.

However, all is not dull in the cybersecurity industry – there are employees from a variety of backgrounds who thrive professionally while also finding personal fulfilment. Holding the key to this are employers, who have to place people at the core of their security practices and workplace culture, in order to draw intelligent, motivated workers to the industry.

When it comes to talent, quality can surpass quantity 

If it is not apparent already, the search for cybersecurity talent is not only a local priority, but a global one.

In the same report mentioned earlier, we discovered that 85% of cybersecurity professionals believe the workforce shortage is impacting their organization’s abilities to secure increasingly complex information systems and networks.

Against this backdrop, organizations must do more to widen their search for talent. Equally as important as hiring new candidates will be upskilling the existing workforce, both with technical capabilities and competencies like learning agility and collaboration. The importance of this cannot be understated – senior leadership IT teams, including the Chief Information Officer (CIO), must stay abreast of the latest security tools and be educated on the fast-changing movements in the industry so that they can provide employees opportunities to hone their skills.

As intimidating as the cybersecurity industry sounds from an external perspective, employees who acquire critical soft skills stand a strong chance of adapting effectively and moving up the corporate ladder. For instance, over half of respondents in our research find critical thinking and teamwork the qualities that were the most useful to their role. These are abilities that can actually be learnt and improved through time.

Closer to home, the Cyber Security Agency of Singapore is leading a new national SG Cyber Talent initiative by nurturing talented cybersecurity enthusiasts from a young age. Although providing such opportunities is an excellent strategy to entice young talents to join the industry, building a strong pipeline of cybersecurity expertise will take a long time. Business owners need to act now, or risk losing out to their competitors.

XDR extends its support to organizations of all sizes

Smart organizations understand that simply hiring more employees cannot be the sole solution. Cyber threats will only continue to increase in quantity and sophistication, necessitating organizations to innovate and tap on more effective technological tools.

Enter Extended Detection and Response (XDR) – a platform that allows organizations of all sizes to simplify their security systems and reduce staff workloads. Leveraging this tool immediately gives employees more breathing space and time to carry out their responsibilities effectively and efficiently.

This is achieved in three ways.

Firstly, XDR consolidates several security solutions in a single platform – meaning that endpoints, email, networks, and cloud can all be connected with ease. With a more comprehensive picture of their security ecosystem, SecOps teams will therefore be better able to adapt and protect their attack surface.

Secondly, by automating workflows powered by AI and machine learning, XDR helps enhance human expertise. Increased intelligence makes it simple to anticipate attacks and swiftly detect threats, in addition to orchestrating corrective actions and real-time automated responses. In other words, XDR is always working so that workers don’t have to.

Lastly, XDR provides embedded expertise, with several defensive playbooks at their disposal, suggesting tactics and counters. The ecosystem is designed with best-in-class intelligence, providing SecOps teams with all the knowledge they need to make the best cybersecurity decisions – before, during, and after an attack.

Ultimately, the cybersecurity industry offers a soulful and purposeful career that most talent today aspire for – but this can only be made possible if organizations are willing to invest in new technologies that will help simplify security and take it beyond what it is today.

Thus, the solution is for the taking, and it is time for businesses to look toward the bigger picture.

The views reflected in this article are the views of the author and do not necessarily reflect the views of Tech Wire Asia.