Cyber talent management is the latest catch phrase in the cyber security industry. Business people have always recognized that success includes finding ways for talented, top of their game people to achieve, progress and be rewarded. With the massive growth in demand for cybersecurity professionals, the management of talent has taken a back seat in many ways to just obtaining the qualified personnel.
Booz Allen Hamilton played a prominent role in the 2015 ISC2 Workforce Study, released earlier this year. Angela Messer, executive vice president for the predictive intelligence, emphasized several points, particularly the strain on the current cyber workforce. Extensive resources and personnel time is spent remediating cyber attacks. That draws resources and personnel away from areas that contribute to production.
“We’re seeing greater adoption of advanced analytics and tools that can help security professionals convert intelligence into improving their cyber operations, but today’s workforce is already
stretched thin, with many reporting remediation and reacting to alerts as their primary focus,” said Messer.
Cyber Semantics – Recruiting the Right Cyber Talent
Booz Allen Hamilton uses some unconventional phrases to reflect their view of cyber talent management. Messer states that “non-traditional strategies and partnerships” are key to recruitment and retention in the cyber field. She also wants to change the sociology of the cyber group. “We need a cyber team—but let’s move to a cyber crew. They train together and mentor together.”
The survey found that more and more cyber security functions are being outsourced. The lack of in-house skills is forcing this move. Companies need to invest in a cyber workforce that is more proactive and intuitive which leads to cyber efforts that go beyond mere defense.
Traditional coursework in cyber security and emerging cyber technologies has a “sell by” date. The workforce study respondents wanted more education and training, especially in emerging threats and technologies. Employers, whether public or private, need to invest in their cyber talent and ensure that they are current, trained and educated, in the relevant topics.
Managing these employees goes well beyond recruitment. Managing means the continual encouragement, education and motivation of cyber talent that retains experienced and effective employees. And, as Messer and Booz Allen Hamilton point out, all this cyber talent management requires nontraditional, outside the box, thinking and strategic planning. Cyber talent management must go beyond recruiting to be effective, and take into account better retention, faster remediation after an event, and making sure the cyber workload includes education and training.