12 November 2018

5 ORGANIZATIONAL TRAITS THAT ATTRACT TOP CYBER TALENT

by Abby Cashman, Erin Weiss Kaya, and Joseph Thompson

What successful cybersecurity workplaces have in common

Today’s job market looks pretty good from the perspective of a qualified cyber professional. According to Cyberseek, there are more than 300,000 cybersecurity job openings in the U.S. right now, and the Center for Cyber Safety and Education predicts that by 2022 there will be a global cyber talent shortage of 1.8 million, and growing.

With so many openings, cyber professionals can afford to be choosy, holding out for positions and workplaces that meet their personal and professional needs. Working with the Federal Government and global organizations across multiple industry sectors, we’ve found that recruiters cannot rely on salary alone, and the work environment itself can actually play a powerful role in attracting and engaging the elite teams that true enterprise security demands.


The nature of cyber work often means that it must be executed in an environment that’s faster-paced, more dynamic, and quicker to adapt than that of its parent organization. In our experience, successful cyber practices generally share five key traits, which, you may be relieved to know, do not necessarily include sky-high salaries, office ping-pong tables, on-site beer fridges, or dress codes involving flip flops and jeans.

Successful cyber practices have work environments which are:

1. Agile: Cyber work requires mental and managerial agility. Cyber employees need to be able to shift their work and priorities quickly and decisively as threat tactics evolve, new circumstances become known, and attack surfaces change. 

2. Multi-functional: Cyber is a team sport. A strong cyber practice is built of teams with diverse knowledge sets and mindsets who can quickly work to tackle emerging issues, and execute a variety of activities at once. Your employees do not have to be good multi-taskers, but your overall cyber capability does.

3. Dynamic: Cyber professionals embrace learning. With threat actors across the globe developing array after array of new threats, your cybersecurity work practice must continuously adapt as it stays informed. By focusing on reskilling of your workforce, your cyber capability will be ready to solve new problems.

4. Flexible: Cyber threats move fast, and cyber employees crave new challenges. To meet these needs, your practice must be enabled to conform to new areas of focus. Your cyber organization needs to be infused with a talent management strategy that anticipates needs and allows employees to change their roles to increase your capability’s flexibility.

5. Informal: Cyber professionals tend to thrive in a non-traditional environment. Cyber candidates and team members will likely look for highly-flexible working hours, the ability to decompress after intensive sprints, and the ability to work in a manner suited to the nature of the work—not the nature of the parent organization.

Creating these conditions for cybersecurity professionals will allow a cyber organization to adjust quickly to tackle any challenge. In practice, your cybersecurity division might need to have different work locations, matrixed reporting lines, round-the-clock shifts, and a more relaxed dress code than other segments of the workforce. The budget process for your cyber organization might be centered around technological investments or on a different, and more adaptive timeline to meet shifting threats. Most importantly, given the work requirements, a cyber practice must have leaders who not only share a competitive nature and passion for technology, but also have a proven track record of thriving in dynamic, multi-functional settings.

No comments: