Reassignment to IT support and other jobs to manage remote workers has left a gaping hole in the cybersecurity talent pool.
The quick shift to remote work has ensured business continuity instead of causing a complete shutdown, and that’s one of the most significant benefits of the trend. A range of negative aspects has also emerged, however – a drop in mental well-being, inability to sustain workplace culture, and absence of collaboration. However, the worst impact of this situation has been the loss of business security and an increase in cyberattacks.
Unprepared Organizations Shift Cybersecurity Workers to Other Roles
As per CNBCOpens a new window , an increase in cyberattacks and the fact that some cyber professionals were reassigned to perform other tasks, including IT support, has caused a talent shortage of cybersecurity professionals. As per a survey by (ISC)2, cybersecurity workers were shifted from their primary security duties to assist with other IT-related tasks, which were required to equip mobile workforces.
Since organizations were not entirely prepared to meet the needs of a remote workforce from a technology perspective, they reassigned many of their internal cybersecurity experts. As per the survey, which covered 256 professionals in this area, almost half of them were shifted to other roles. On the other hand, Information Systems Security Association’s survey found a 63% increase in cyberattacks related to the pandemic.
When these two findings are combined, the implications are profound. While there was a significant rise in the attacks, the number of qualified employees who can reduce or mitigate those fell drastically. Emsi’s recent survey revealed that the U.S. has less than half of cybersecurity candidates than it needs due to the rising demand for these professionals.
HR Technology News: HR Updates in Aug. 2020 – Part 2: Unique Employee Benefits, Cybersecurity Gaffes, and Virtual Campus Recruitments
How Can the Cybersecurity Skills Gap Be Narrowed?
While there is enough data to establish the ongoing shortage of talent, there is little evidence of what is being done to improve it. One glaring issue that has been raised is the lack of enough women being hired for cybersecurity roles.
Diverse talent pool
As per a report by Cybersecurity VenturesOpens a new window in 2019, women formed only 20% of the global cybersecurity workforce. This is significantly low compared to the talent that is likely to be available in the market. Some steps are being taken to raise the parity levels and visibility of women as experts in this space through conferences such as the RSA Conference in 2019Opens a new window . This is the world’s largest cybersecurity event, and it had 740 speakers, of which 46% of all keynote speakers were women.
The change also needs to be driven internally wherein organizations share how cybersecurity can be a viable career path for women professionals and not just a male-dominated role. As per ForbesOpens a new window , there is a possibility of unconscious bias becoming an endless cycle where this is seen as a masculine profession.
Reskilling internal talent
While reassigning internal cybersecurity experts to support a sudden rise in other IT tasks might have been significant, it is a short-term stop-gap arrangement. The long-term plan should be in the reverse direction, which is to reskill internal employees so that they can take on the role.
Remote workers’ home networks and mobile devices are not secure. With more emphasis on working from home, the need to create a safety net is more important. The IT teams that companies have could provide some of the professionals that are needed in the field.
The first step would be to identify those high performers who have career aspirations in cybersecurity, are fast learners, and demonstrate some of the skills needed for the role. Using a skill map such as that provided by DLTOpens a new window might assist companies in mapping existing talent to the required positions.
The second step is to identify training vendors who can provide guided instructor-led learning or self-learning channels. Investing in this training will save companies a significant amount of money that can result in a financial loss due to a cyberattack.
HR Technology News: Is the Latest Twitter Hack Just the Tip of the Iceberg in the Cybersecurity Skills Gap?
The need for cybersecurity is only going to increase over time with work-from-home and work-from-anywhere becoming standard business models. Employers will have to broaden talent pools by hiring diverse talent and ensuring regular upskilling of current IT teams in cybersecurity to control the cyberattacks that are currently spiraling out of control and protect their business.