Study finds companies are mishandling cyber security recruitment

Recruiters wrong-footed as skills shortage mounts

Companies are sabotaging their cyber security efforts with a mixture of poor recruiting and training practices, warned a report from the Information Systems Security Association and tech advisory company the Enterprise Strategy Group today. 

The 2021 edition of the Life and Times of Cybersecurity Professionals report found the skills shortage in this sector is as bad as ever. Of the 489 cyber security professionals surveyed, 44% said it had worsened, while half said it was around the same over the past few years. 

The cyber security skills shortage is contributing to workplace stresses for cyber security professionals, who singled out an overwhelming workload as the third most stressful issue. Six in 10 reported an increasing workload on existing staff, with roughly the same number highlighting an effect on work/life balance, and just over a third reporting an unhealthy level of job-related stress. 

The top two stress factors were dealing with IT projects created with no security oversight and dealing with disinterested business managers. 

Companies having difficulty finding cyber security staff would ideally train the ones they have to make them more productive. This was a priority for 91% of cyber security professionals, who felt that failing to update their skills put them at a disadvantage when protecting their organizations. Yet six in 10 felt job requirements stop them from updating their skills. 

Related Resource

Don’t just educate: Create cyber-safe behaviour

Designing effective security awareness and training programmes

How to define effective security awareness and training programmesDownload now

The answer is to carve out more time for training in staff schedules, the report advised. 

The experience of recruits is a related problem. One in three respondents said their organizations were forced to hire and train junior employees rather than experienced candidates, as the latter were hard to find. 

Recruitment teams are a factor in the failure to hire experienced staff and often misstep when hiring cyber security pros, the report warned. There is no shortage of job offers, with recruiters soliciting 70% of respondents at least once per month. However, those recruiters often don't understand the sector, and the job offerings are poor. 

A lack of competitive compensation was a common complaint, which is a problem given it is the second-highest indicator of job satisfaction. Unrealistic job postings, such as demanding too much experience and too many certifications, were another common problem. This means new security postings often remain unfilled for weeks or months. 

Featured Resources

The ultimate guide to business connectivity in field services

A roadmap to increased workplace efficiency

Free download

The definitive guide to migrating to the cloud

Migrate apps to the public cloud with multi-cloud infrastructure solutions

Free download

Transform your network with advanced load balancing from VMware

How to modernise load balancing to enable digital transformation

Free download

How to secure workloads in hybrid clouds

Cloud workload protection

Free download

Recommended

Large companies fall short on domain security
cyber security

Large companies fall short on domain security

28 Sep 2021
HPE GreenLake takes aim at data protection and analytics
data protection

HPE GreenLake takes aim at data protection and analytics

28 Sep 2021
Hackers spoof Zix in credential phishing attack
phishing

Hackers spoof Zix in credential phishing attack

28 Sep 2021
Women and BAME individuals are hardest hit by cyber crime
cyber crime

Women and BAME individuals are hardest hit by cyber crime

28 Sep 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

17 Sep 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

17 Sep 2021