Cybersecurity Skills Shortage Demands Fresh Thinking

Skills Shortage Demands Fresh Thinking

With cybersecurity strategies constrained by staffing challenges, Managed Security Services helps your organisation stay safe.

After investing many valuable hours training your cybersecurity team, few things are as frustrating as seeing staff up and leave to pursue job opportunities elsewhere.

Yet, as IT Managers and cybersecurity leaders across Australia will attest, retaining top quality tech talent is an increasingly common challenge when there is a pronounced skills shortage.

According to 160 Australian CISOs surveyed by specialist IT recruitment agency, Robert Half, the race for talent has become so competitive that tech firms are out-bidding each other to attract the right candidates by boosting salary offers to over 70% of new hires.

Despite this, 88% of surveyed CISOs are experiencing more difficulty attracting the right employees compared to five years ago.

Additionally, 71% of CISOs face rising staff turnover rates, which is unsurprising given that 31% of IT employees change jobs within less than two years.

Clearly, current market conditions favour employees, with demand for key cybersecurity skills substantially outstripping supply. While remuneration levels are driving heightened employee mobility, there are numerous strategies you can implement to boost retention rates while cutting the costs associated with continually hiring and training new staff.


Optimise Your Workplace Culture to Retain Cybersecurity Staff

Optimise-Your-Workplace-Culture-to-Retain-Cybersecurity-StaffThe obvious solution to rising staff attrition rates is to increase remuneration levels.

However, this assumes that salary is the only factor motivating your employees to seek opportunities elsewhere.

Increasingly, HR experts understand that whilst salary is a key factor in retaining staff, it is not the only consideration.

According to Andrew Chamberlain, Chief Economist at jobs site Glassdoor, employees are increasingly motivated by other factors:

“The top predictor of workplace satisfaction is not pay: It is the culture and values of the organization, followed closely by the quality of senior leadership and the career opportunities at the company.

Among the six workplace factors we examined, compensation and benefits were consistently rated among the least important factors of workplace happiness.”

So, beyond simply upping remuneration rates, here are some practical strategies you can implement as a CISO or IT Manager to retain your key cybersecurity staff:

Long-Term Focus 

Filling skills gaps within your department’s capabilities may be the reason you’re looking to employ additional staff. However, when it comes to selecting the right candidates for your team, it pays to look beyond what skills they can offer you.

Staff are motivated to join an organisation by a variety of factors. Salary is one reason, however, so too is career progression.

If your goal is to select the right candidates, and nurture them to become long-term employees, take time at the outset of the recruitment process to enquire into the applicant’s own career objectives.

Make the effort to understand where candidates see themselves in the next three years. Enquire as to what cybersecurity sub-sectors they’re keen to specialise in. By identifying a clear trajectory that includes on the job training, formal educational opportunities and a pathway to career success, you could significantly boost staff retention rates.

When staff experience the benefits of an employer committed to investing in their career success, remaining with that organisation for the long-term becomes a much more attractive proposition.

Cultivate a Supportive Culture

Creating a supportive culture is not always easily achieved within a cybersecurity team.

Cybersecurity staff are known for often working long hours independently. Opportunities for interpersonal communication may be rare. With limited staff interaction and engagement, cultivating a supportive workplace culture can be a challenge.

However, if you want to retain staff for considerably longer than an average of two years, it’s a challenge worth pursuing.

One strategy is to aim for a mix of team members at different stages of their career progression.

By blending your team with a mix of recent graduates, mid-career professionals and more experienced senior staff, you’ll be well placed to implement a mentoring system.

The more experienced staff can take ownership of guiding and training your newer team members.

According to a study of Millennial workers conducted by Deloitte, staff intending to stay with their organisation for more than five years are twice as likely to have a mentor (68 percent) than not (32 percent).

To help facilitate mentoring of junior staff, you can incorporate it into the job descriptions of the more senior staff.

At Shearwater, we pride ourselves on offering many fresh graduates their first employment opportunity in cybersecurity. We cultivate a nurturing and mentoring workplace culture, where graduates work alongside more experienced staff, enabling them to gain invaluable hands-on experience. 

By fostering a supportive culture in your workplace, you too can encourage staff to stay with your organisation for the long term.

Benefits Beyond Salary

In markets where certain skills are in short supply, companies will outbid each other to secure the skilled employees they need.
Such circumstances make retaining your valued staff more challenging, especially if they are being approached on a regular basis by head-hunters.
Remuneration levels need to be competitive with industry standards, however there are a range of other perks you can offer to incentivise your staff to stay for the long term:

    • Place and Time Flexibility
      By offering your staff the flexibility to work remotely at certain times, staff intuitively understand that the organisation trusts them, and they develop a sense of ownership over how they manage and successfully complete their tasks. This also provides your staff with the ability to spend more time with family and less time commuting to and from the office.
    • Educational Opportunities
      We spoke before about long-term career pathways. While on-the-job training and mentoring are vital, so too are more formal educational opportunities. With incessant technological change comes the need to have the people who can manage that change. Investing in your staff’s education can be a win-win situation. Your organisation acquires the new skills and knowledge required to manage changing technologies, while your staff benefit from career advancement that comes with additional qualifications.
    • Employee Wellbeing Schemes
      Staff who are healthy, both physically and mentally, will be more engaged and productive. So, it’s in your interests to invest in your team’s wellbeing. Gym memberships, sporting classes, fitness devices such as Fitbit or relaxation therapies such as massages or meditation, are all examples of ways your organisation can invest in the wellbeing of your employees. And with increasing concerns surrounding mental health, many organisations now engage professional counselling services that employees can turn to should the need arise.

Be Open and Transparent

Does your company foster open communication and transparency?

Openness and transparency are key ingredients if staff are to have a sense of ownership and emotional connection to an organisation.

Openness involves sharing information, so your staff are aware of what’s happening within the organisation. More importantly, they require a sense that their views and concerns are heard and respected.

Your department or team should try to accommodate, where possible, different ways of working. Everyone has their own working style. Your staff can be a source of invaluable feedback which can feed into improving business processes.

In short, it requires being open to change.


How Shearwater can help you

How Shearwater can help youOrganisations are increasingly turning to managed security service (MSS) providers to help address the range of threats they face daily, thereby alleviating their need to maintain large in-house IT teams to cover all the skills comprehensive cybersecurity now requires.

A comprehensive cybersecurity strategy includes anticipating threats, fine-tuning security infrastructure, regularly addressing compliance requirements, taking measures to stop threats when they emerge and much more.

It’s clear that managing cybersecurity requirements is no small task.

Threats are increasingly pernicious, with attackers becoming more sophisticated and determined. The costs associated with a significant breach of your cybersecurity systems can cripple your business.

It is incumbent upon every organisation to mitigate this risk. However, doing so often requires navigating a complex web of technologies and procedures.

Having the right team of people, with the right skills, is critical.

The difficulty many organisations experience today is two-fold:

  1. How do you put together and maintain the right IT team, with the right skillsets, when there is an industry-wide skills shortage?
  2. How do you prevent regular staff turnover impeding your organisation’s capacity to maintain ongoing security requirements?

One answer is to expand your organisation’s internal IT capabilities, and deal with all the difficulties associated with recruiting, training and retaining the right mix of skilled staff.

Another answer is to rely on the experts to manage the burden for you.

With Shearwater’s Managed Security Services your organisation can achieve the comprehensive security systems you need, including ongoing monitoring and management, without the stress or cost associated with doing it all yourself.

This frees you to focus time and limited resources on other important matters, such as more strategic IT initiatives.

By tapping into Shearwater’s extensive expertise in mitigating the risks to your IT systems and infrastructure, you’ll be reducing the load on your IT team, and limiting the in-house skillset you require.

With Shearwater Managed Security Services you’ll be able to:

    • Reduce the high costs associated with hiring, training, and managing security personnel.
    • Save resources by ensuring that your staff responds only to validated incidents.
    • Reduce costs through implementing effective standardisation. Our operational efficiencies ensure that we continuously drive costs down through improved processes and procedures.
    • Free key staff and direct senior skills towards higher level activities.
    • Gain access to certified and experienced staff with broad and extensive expertise across complex environments, and who are ready to augment your information security team when the need arises.

Discover for yourself how relying on Shearwater can be a cost-effective solution for your organisation, CONTACT US today and discuss your requirements with our Managed Security Services team.


SWOT Analysis Preview PDF