Connect with us

Hi, what are you looking for?


Management & Strategy

3 Steps Security Leaders Can Take Toward Closing the Skills Gap

Much has been written about the Great Resignation as its impact is widespread. Sectors including hospitality, food, retail, manufacturing and healthcare have all been affected, making access to goods and services we took for granted hard to come by.

Much has been written about the Great Resignation as its impact is widespread. Sectors including hospitality, food, retail, manufacturing and healthcare have all been affected, making access to goods and services we took for granted hard to come by. You might think that the cybersecurity sector has also felt the pinch, but studies find that’s not the case. 

In fact, cybersecurity made some headway as the workforce gap decreased from an estimated 3.12 million in 2020 to 2.72 million in 2021. Still, progress has been too little and, for many organizations, too late, as global cybercrime soars to new heights. The hard truth is that the skills shortage we face has been going on for more than a decade and currently 61% of IT security professionals say their teams are understaffed. To help address staffing challenges in this world, here are three areas for security leaders to consider. 

1. Know your audience. Millennials currently make up the bulk of the workforce. Have you taken the time and effort to align your hiring and retention strategies with this talent pool? Research by Gallup shows millennials are purpose driven, prioritize work-life balance and value professional development. When a workplace doesn’t reflect these characteristics, they don’t stay and are more cautious about their next move. 

Evolving your work environment and culture doesn’t happen overnight. So, in the near term, consider some creative options that bridge to the gig economy. Create opportunities for tech innovators who want to help, can fill gaps you have now even if only part time, and help you diversify and expand your network for potential candidates in the future. As you start down the path of meeting this generation where they are, one of the first things you can do is review your job descriptions. Many job descriptions simply aren’t realistic and aren’t written for successful outcomes. Because it’s hard to fill positions, there’s a tendency to merge different roles and different skill sets into one description when what’s truly needed are two or three different positions. The result? Openings either go unfilled or people leave. Increasing salaries doesn’t work. What does work is scoping jobs appropriately.  

2. Automate with people in mind. For years we’ve hesitated to automate due to the fear of being burned when machines quarantine a system or block a port on a firewall in error. Now, technology has advanced to where we can fine tune automation and optimize it for our unique environments. Balancing automation with human intelligence and analysis allows teams to always have the best tool for the job. You automate repetitive, low-risk, time-consuming tasks, while human analysts take the lead on irregular, high-impact, time-sensitive investigations with automation simplifying some of the work. 

Balanced automation has obvious security benefits, but it also helps with retention and recruitment. It keeps your highly skilled analysts from getting burned out or bored and leave. And you can use it as a recruitment tool to attract talent with the knowledge they can spend more time on interesting, strategic activities. They can develop their skill sets in areas like investigation and threat hunting and use automation where and when it makes sense.

3. Build organizational memory. Even if your organization is considered a great place to work, people will come and go. If you can capture and retain the institutional knowledge security teams build and have a way to share it with current and new team members, you can maintain continuity and even turn the situation into an opportunity. 

Advertisement. Scroll to continue reading.

With a central repository that serves as organizational memory, new data, learnings and feedback are continuously added. Team members can step into investigations with greater confidence and realize greater success. Because they have a single source of truth, not just observations but details and documents, they have a more accurate understanding of the security posture of the organization, trends to track and what’s important. Existing team members have a chance to step into new roles and new team members can get up to speed quickly. For example, an analyst who is new to a specific threat or campaign can benefit from this shared knowledge and prior techniques that have worked to accelerate their analysis, decision making and actions. An opportunity to take on high-impact work, supported by a platform that provides trusted and timely information, sends a clear message that you are committed to professional development and growth from within which encourages retention and recruitment.

HR and talent acquisition teams everywhere are working diligently to fill open cybersecurity positions, but they can’t do it alone. Fortunately, by scoping job descriptions realistically and incorporating automation and intelligence sharing to enable analyst success and growth, there’s a lot that security leaders can do to help close the skills gap in their organizations. 

Written By

Marc Solomon is Chief Marketing Officer at ThreatQuotient. He has a strong track record driving growth and building teams for fast growing security companies, resulting in several successful liquidity events. Prior to ThreatQuotient he served as VP of Security Marketing for Cisco following its $2.7 billion acquisition of Sourcefire. While at Sourcefire, Marc served as CMO and SVP of Products. He has also held leadership positions at Fiberlink MaaS360 (acquired by IBM), McAfee (acquired by Intel), Everdream (acquired by Dell), Deloitte Consulting and HP. Marc also serves as an Advisor to a number of technology companies, including Valtix.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Training & Awareness

Google has announced a new training program for cybersecurity analysts and those who graduate will get a professional certificate from Google.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.