The challenges of attracting cybersecurity talent and how to address them

The cybersecurity industry is at an interesting inflection point. We are now approaching three years of remote and hybrid work, and individuals and organizations alike have had to adjust and improve their security infrastructures. And this push for more security will only amplify in 2023 in new and unique ways.

Despite the growing need for cybersecurity advances, there’s still a global shortage of 3.4 million workers in the field. With 64% of companies worldwide having experienced at least one form of cyber attack, the threat landscape is constantly expanding, and those working to combat these threats have never been more important. Our cybersecurity workers are our generation’s unsung heroes that deserve more recognition — and to get ahead of threats in 2023, we need more of them.

Provide real, hands-on training

Unfortunately, we’re starting to accept the cybersecurity talent gap as an ongoing challenge, and this will continue as we struggle to encourage younger generations to take on a cyber-related profession. Cybersecurity education is pivotal, and while we are seeing more universities develop cyber courses, it still remains very small in comparison to the critical challenges organizations face daily.

For this new generation to be successful, universities must expand cyber education and provide real hands-on cyber training, not just theoretical training.

Of course, companies must also take such education into their own hands. In 2023, we must train all employees on how to prevent and minimize cyber risks, as that is truly the best way to combat our expanding threat landscape. Every person in an organization plays a role, even if it’s just increasing awareness around phishing emails or avoiding insecure links.

Emphasize cybersecurity work as diverse, exciting

To also minimize cyber employee churn, both organizations and universities must emphasize the uniqueness, impact and benefits of working within the industry. For example, day-to-day cybersecurity tasks are diverse, allowing many different types of people to enjoy this work.

The tasks are also everything but repetitive, and employees should never feel bored. The cybersecurity role is changing all of the time due to the constant creativity and growing sophistication of attackers, and that’s an intriguing factor when on the job hunt. Promoting such desirable job qualities will be crucial as the industry looks to effectively expand its own workforce to protect against threats.

Even more importantly, organizations must better support their cyber teams. Having the right motivated team in place helps employees feel reassured, empowered and excited about their careers. As companies and leaders, we have a responsibility to create safe environments for our people and make this known to anyone interested in the field.

Appeal to a variety of individuals

Creating a safe work environment promotes more open conversations during times of burnout and empowers better teamwork. In fact, one of the most important KPIs to look for within employee engagement surveys is whether employees feel comfortable talking to leadership: It’s the best way to avoid burnout and ensure that employees are enjoying their jobs as this widening talent gap continues.

Whether someone is organized, creative or analytical, the cyber industry can appeal to a variety of individuals. It is an important job to protect and react to ever-changing cybersecurity issues every day, and this truth must be stressed throughout collegiate years and beyond.

Strategically attracting new cyber talent and ensuring that cyber teams are fulfilled in the workplace will help close the cybersecurity talent gap and ideally push threat actors to the wayside.

Caroline Vignollet is OneSpan’s SVP of R&D.