The cybersecurity skills shortage requires companies to have sophisticated hiring processes. Focus-on-Security Chief Operating Officer Jamal Elmellas said: There is a disconnect between hiring managers and HR managers. So why is this happening, and how can the two be reconciled?
Insufficient new entrants and an outflow of existing talent are reducing the cybersecurity talent pool.The Department of Digital, Cultural Media and Sports (DCMS) has reduced the initial shortage forecast from 10,000 to 14,100 yearly. The cybersecurity gap has increased 73% since last year, according to ISC(2) Cybersecurity Workforce Survey.
The same study made an interesting observation. Shortages were significantly reduced when there was a strong relationship between cybersecurity management and HR, but were worsened when there was a disconnect. Those companies were more than 2.5 times more likely to suffer from skills shortages.
This shows that while HR plays an important role in hiring, a poor fit with security teams can backfire. And this lack of match isn’t as rare as you might think. Nearly half of those surveyed said they had a bad relationship, and 40% said HR adds no value to the hiring process.
What HR and Recruiters Bring to the Party
Both parties are critical to an effective recruiting effort. Hiring managers know the skill sets and experience they need, what they need for their day-to-day work, and where they fit on the team. Yet HR knows the hiring process, how to enter the market, and the channels to use to attract the best talent. We can work together to develop job specifications and determine the support and benefits that should be provided.
But the reality is that today’s job specifications are rarely well written. Criticisms include, for example, lumping multiple roles into one, specifications that do not reflect the roles offered, or underestimate roles by failing to highlight training opportunities.
As a result, recruiters ignored these job specifications and contacted hiring managers directly to draft their own specifications, bypassing HR entirely. This was especially true for roles that were hard to fill. The danger this creates is that recruiters with little market visibility are at the mercy of less conscientious recruiters. HR plays an important role as it represents the interests of the company while occupying a middle ground.
Solve a problem
So why did this happen, and how can HR be more aligned with security teams? Part of the problem is that cybersecurity continues to evolve rapidly. and as a result there is a shortage of skilled professionals in certain fields. for example, Fortinet 2022 Cybersecurity Skills Gap Reportthe most in-demand roles relate to modern technology: cloud security and security operations software such as advanced threat protection and endpoint detection and response.
As a result, it becomes difficult to determine the skill sets required for that particular job, and HR must create a rulebook (or job specification). Certifications help here, so 81% of organizations insist on certifications when hiring. But in today’s candidate-starved market, businesses can no longer afford to limit themselves in this way. By doing so, potential candidates may move from another career or follow a non-traditional path, eliminating the chance that they have the right soft skills to succeed. .
Industries need a way to map specific skills to current and future roles. This is recognized by the Cyber Security Alliance and isThe complex nature of career routes to cybersecurity. A myriad of cyber credentials, certifications, and degree standards exist without uniform equivalence. And this is the challenge that poses for employers when evaluating a candidate’s suitability. ”
As a result, the Alliance helped establish the UK Cyber Security Council in 2019. Its main mandate is to establish standards and pathways across the cyber profession by 2025. Known as the Cyber Pathways Framework, this framework outlines the skills associated with 16 specializations. , establishes a minimum set of requirements for the first time and provides much-needed guidance to HR. However, since this is two years after him, it is possible to refer to the council’s career route map..
Team structure mapping
The DCMS report notes that some organizations are already considering how to use route maps. For example, I thought it could be used to justify budgets for career-related training or to inform job specifications. However, it is also seen as a way for companies to avoid reinventing team structures because it can be layered onto existing IT roles to show where skills already exist and where there are gaps.
of Chartered Information Security Institute (CIISec) cyber skills Framework promote this systematic approachIts Competence Development Methodology (CDM) uses four frameworks covering skills, knowledge, roles and certifications to map skills within the business and help HR develop, recruit and retain talent. We support.
Initiatives like this save recruiters from having to seek inspiration or copy job specs from other ads (which happens more often than you might think), and HR Departments no longer have to work in the dark. Now that we know the business deficits, the skills needed, and the roles that need to be outlined and promoted, both our HR and cybersecurity teams are on the same page and can work better together with recruiters. rice field. Market conditions and candidate selection.
Aligning these three professions increases the likelihood that the role will be filled quickly. But there is another aspect to consider. it’s retention. Providing support and career advancement to the valuable cybersecurity professionals you hire is essential to their continued success. Again, Career Pathways can help here too. It provides a clear outlook on how roles will evolve and individuals can climb the ladder, providing the job security candidates are likely to desire in today’s economy.
How do you think the disconnect between HR and recruiters is hurting hiring? Share your thoughts with us Facebook, twitterand LinkedInWe look forward to hearing from you!
Image Source: Shutterstock