It’s Over for Turnover: Retaining Talent in Cyberspace

Arguments

Cybersecurity is very attractive for people in the field who continue to pursue opportunities for greater financial gain, and more importantly sometimes for exposure to different areas of cybersecurity

---

Disproportionate burden on retention due to opportunities in cybersecurity field.

---

Limited awareness about cybersecurity as a career among non-technical people

---

Recruitment practices in cybersecurity are not aligned with the demand

---

The importance of creating professional pathways and demonstrating job potential in cybersecurity

---

Provision of employee well-being is crucial in the cybersecurity industry

---

Introduce diversity by design

---

Report

The analysis highlights several key points regarding talent management in cybersecurity. Firstly, there is a significant shortage of 5.5 million professionals in the cybersecurity field, which has grown by 2.1 million in recent years. This shortage underscores the urgent need for skilled individuals in this sector.

The attractiveness of a cybersecurity career is driven by the potential for greater financial gain and exposure to different areas within the field. Effective talent retention is crucial for success in cyberspace. A survey of leaders found that 60% view talent attraction and retention as the most important factor in achieving cyber resilience.

However, retaining talent in cybersecurity is challenging due to the multitude of job opportunities available outside the industry. People leave not only due to organizational factors but also because of the vast opportunities for career advancement elsewhere. Limited awareness about cybersecurity as a career option among non-technical individuals is a significant barrier to talent management.

For instance, none of the 150 MBA students surveyed were considering a career in cybersecurity, highlighting the need to raise awareness and attract diverse talent to the field. Recruitment practices also contribute to the talent shortage in cybersecurity. Job descriptions often require highly technical skills and entry-level certifications, making it difficult for newcomers to enter the industry.

Misalignment between recruitment practices and the demand for cybersecurity professionals exacerbates the shortage. Creating clear professional pathways and demonstrating job potential are essential for attracting and retaining talent in cybersecurity. By establishing progression routes and showcasing the numerous opportunities available, organizations can incentivize individuals to pursue careers in the field.

Additionally, prioritizing employee well-being is crucial in such a demanding industry. Burnout is common in cybersecurity and leads to high attrition rates. Providing support systems and prioritizing employee well-being can improve talent retention. Implemented a widely accepted strategic cybersecurity talent framework is recommended.

This framework would provide a cohesive strategy for talent management and help address the talent shortage. Adoption of this framework by the industry and government is critical for success. Promoting diversity by design is also vital in cybersecurity talent management.

By introducing gender diversity and reducing inequalities, organizations can build a more inclusive and innovative workforce. In conclusion, the analysis indicates that talent management in UK cybersecurity is heading in a positive direction. However, challenges such as the talent shortage, limited awareness, misaligned recruitment practices, and employee well-being need to be addressed.

By tackling these issues and implementing the suggested approaches, the UK can strengthen its cybersecurity workforce and effectively combat the growing threats in cyberspace.

Arguments

CyberRanges deals with the challenge of providing large-scale capabilities to develop the experience and the professionalism of the young and current generations.

---

Staff retention in cybersecurity industries

---

Leadership and vision are vital for staff retention

---

The gap in skills in the security sector exists because security education and training has become a business focused on profit.

---

Governments can help by increasing the accessibility of security education programs starting from schools.

---

Security training and education should be accessible to all, not just the few.

---

Report

CyberRanges is a leading vendor of CyberRange technology that focuses on providing large-scale capabilities for experiential training and education in the cybersecurity industry. Almerindo Graziano, the CEO of CyberRanges, emphasises the crucial role of leadership, vision, and alignment with company values in ensuring staff retention.

Graziano believes that when a company's vision and values resonate with its employees, they are more likely to stay, leading to increased loyalty and a stronger team. In addition to prioritising staff retention, Graziano is passionate about creating value rather than solely focusing on profit.

He argues that companies should strive to provide value to their employees and society as a whole, rather than just pursuing financial gains. Graziano's approach aligns with the principles of responsible consumption and production, as outlined in SDG 12. The analysis also highlights a concerning gap in skills within the security sector.

It argues that this gap exists because security education and training have become commodified, with a primary focus on profit rather than the quality of education and the skills imparted to students. The sentiment here is negative, indicating a concern about the direction in which security education and training have been heading.

To address this gap, the analysis suggests government intervention is needed to increase the accessibility of security education programmes. By starting these programmes in schools and making them more widely available, governments can help bridge the skills gap and ensure that security training and education are accessible to all, not just a privileged few.

This approach not only supports SDG 4 (Quality Education) but also aligns with SDG 10 (Reduced Inequalities) by advocating for equal access to education. Overall, the analysis highlights the importance of CyberRanges' mission in providing large-scale experiential training and education in the cybersecurity industry.

It emphasises the necessity of leadership, vision, and values alignment for staff retention. The analysis also sheds light on the need for a shift towards value creation rather than profit maximisation in the industry. Additionally, it draws attention to the commodification of security education and advocates for government intervention to ensure widespread access to security education programmes, promoting equality and reducing skills gaps in the field.

Arguments

Filippo Cassini is the Global Technical Officer for 4inet, a leading global cybersecurity provider with a vast product range.

---

His role primarily involves focusing on their larger, strategic customers and partners and providing top solutions.

---

A big challenge for his role is sourcing top market talent with at least 10 years of cybersecurity experience.

---

Retention is another obstacle once talent is brought on board.

---

The challenge in cybersecurity domain is to keep up with emerging technologies and new business models

---

Report

Filippo Cassini is the Global Technical Officer for 4inet, a leading global cybersecurity provider with a wide range of products. His primary role focuses on serving larger, strategic customers and partners by offering top-notch solutions. However, one significant challenge he faces in his position is sourcing highly skilled talent from the market with a minimum of 10 years of cybersecurity experience.

Once talent is acquired, retention becomes another obstacle for the company. In order to attract skilled professionals, Cassini is open to forming partnerships in Saudi Arabia. By establishing collaborations in this region, 4inet aims to tap into the talent pool and bring in qualified individuals to strengthen their workforce.

This approach aligns with the company's goal of achieving decent work and economic growth, as well as promoting partnerships for sustainable development. The field of cybersecurity constantly evolves with the emergence of new technologies and business models. Staying up-to-date with these advancements is crucial for 4inet.

Cassini recognizes the challenge of keeping pace with emerging technologies and adapting to new business models. To tackle this challenge, the company understands the importance of involving and engaging their engineering team. By anticipating future developments and actively involving their engineers in decision-making processes, 4inet ensures that they remain at the forefront of the industry.

Furthermore, engineers in the cybersecurity field prioritize work environments that are not only financially rewarding but also involving, engaging, and entertaining. Retention strategies implemented by 4inet encompass investing in future technologies and creating an engaging atmosphere for their employees. By providing an environment that stimulates growth and innovation, they aim to retain their valuable talent.

In summary, Filippo Cassini's role as Global Technical Officer at 4inet involves catering to their strategic customers and partners with top solutions. The challenges he faces include sourcing skilled cybersecurity professionals, retaining talent, and keeping up with emerging technologies and new business models.

The company's strategies involve forming partnerships in Saudi Arabia, actively involving their engineering team, and creating an engaging work environment to ensure the long-term success of 4inet.

Arguments

Jess Garcia is the CEO of Oney Security, service provider in digital forensics and incident response

---

Retention of talent in cybersecurity is a complex issue

---

Strategies need to be personalized according to the sector and the different stages of employees' lives

---

Report

In this expanded summary, we will delve into key points highlighted by several speakers. Oney Security, a leading service provider in digital forensics and incident response, is led by CEO Jess Garcia. Oney Security efficiently responds to incidents and effectively confronts adversaries in customers' networks.

One notable aspect of Jess Garcia's work is her active involvement in teaching at the SANS Institute for over two decades. Her teaching engagements have spanned various locations worldwide, showcasing her expertise and commitment to cybersecurity education. Talent retention in the cybersecurity industry emerges as a complex issue that requires special attention.

It is acknowledged that HR departments are designed to handle the challenges that come with managing a large workforce, particularly in large organizations. However, the solutions implemented for talent retention cannot be uniformly applied across the board, especially when there is a shortage of skilled professionals in the market.

Furthermore, the importance of tailoring retention strategies to suit the specific needs and stages of employees' lives is emphasized. Retaining a 22-year-old employee may differ significantly from retaining a 35-year-old employee. Additionally, it is noted that motivation factors for cybersecurity professionals go beyond monetary incentives.

The necessity for tailor-made solutions is underscored, which involves focusing on knowledge growth and considering motivation factors beyond financial rewards. Recognizing this need, Oney Security has adopted this approach by establishing an oversized HR team and creating dedicated departments such as knowledge management.

Upon analyzing these key points, it becomes apparent that Oney Security, under the guidance of CEO Jess Garcia, is proactive in responding to incidents and threats in customers' networks. Jess Garcia's extensive teaching experience at the SANS Institute highlights her commitment to cybersecurity education.

Moreover, the complexity of talent retention in the cybersecurity sector is recognized, and the importance of personalized strategies is emphasized. Oney Security's focus on knowledge growth and factors beyond financial motivation showcases their dedication to developing effective retention methods. Overall, this expanded summary showcases the various perspectives on Oney Security, its CEO Jess Garcia, and the challenges and strategies associated with talent retention in the cybersecurity industry.

Arguments

Cybernetica creates mission-critical IT systems

---

Companies need to offer perks to retain and attract talent due to a super competitive market.

---

Workplace values and missions are important for attracting talent.

---

Mismatch between company's words and actions can lead to loss of talent.

---

Offering interesting projects and allowing employees to work on research projects contribute to a positive work environment.

---

Estonia has tripled the amount of people studying computer sciences in Estonian universities

---

There is difficulty in attracting people to do their PhDs in computer science due to the ease and lucrativeness of working

---

Estonia is putting a lot of effort into training programs including industrial degrees

---

Report

The analysis reveals key points about Cybernetica and the challenges in the cybersecurity industry. Cybernetica is known for creating mission-critical IT systems based on extensive research and development. They primarily serve governments and critical infrastructure providers. In the evolving cybersecurity industry, attracting and retaining talent is a significant challenge.

The Estonian government's investment in cybersecurity has intensified competition. Companies like Cybernetica are offering perks and aligning workplace values and missions to attract talent. Mismatch between words and actions can lead to talent loss. Creating a positive work environment and engaging employees in research projects contribute to talent retention.

Estonia has tripled the number of people studying computer science, but attracting individuals to pursue PhDs remains challenging. Industrial degree programs are being established to bridge the IT skills gap. Successful cooperation between the government and the IT industry in Estonia is essential.

Overall, Cybernetica's expertise and the challenges in the cybersecurity industry highlight the importance of talent attraction, retention, workplace values, education, and government-industry cooperation.

Report

In a panel discussion on cybersecurity workforce challenges, industry experts addressed the growing number of job opportunities in the field, with 5.5 million jobs currently available. Retaining talent has become a significant struggle for organisations due to the high demand for cybersecurity professionals.

Filippo Cassini, Global Technical Officer and Senior Vice President of Engineering at Fortinet, noted that the average industry retention rate is around 20%. However, some companies have successfully achieved a remarkably low 4% retention rate by implementing unique strategies. Sharing these successful approaches with others in the industry was also highlighted as important.

Almerindo Graziano, Chief Executive Officer and Co-Founder of Cyber Ranges, pointed out that smaller companies also face challenges in retaining cybersecurity talent, despite having fewer resources. They still need to find effective ways to keep their skilled professionals engaged and committed.

Jess, Head of Industry and Partnerships Center for Cybersecurity at 1E Security, shared insights into her company's retention strategies. Although she did not disclose specific details, she acknowledged the value of a well-defined retention strategy tailored to the needs of the cybersecurity industry.

Oliver Vartanu, Chief Executive Officer at Cybrentica AS, emphasized the significance of fostering a collaborative and innovative work environment to retain employees. He stressed the importance of providing a platform for professional growth, teamwork, and knowledge sharing within the company.

Vartanu also emphasized the need to avoid toxic work environments in order to create an atmosphere where employees feel supported and valued. Akshay Joshi, Head of Industry and Partnerships Center for Cybersecurity at WEF, highlighted the need to address the demand and supply imbalance in the cybersecurity profession.

He emphasized the importance of creating a compelling domain for professionals to attract and retain talent through enhanced education, training programs, and awareness campaigns. The panel also discussed the role of governments and educational institutions in stimulating the supply of cybersecurity professionals.

They debated potential actions that governments and education systems could take to encourage individuals to pursue careers in cybersecurity. While specific recommendations were not mentioned, the discussion underscored the importance of collaborative efforts between industry, academia, and governments to bridge the skills gap in the cybersecurity workforce.

In conclusion, the panel discussion provided insight into the challenges faced by organisations in retaining cybersecurity talent due to high demand. Strategies such as sharing successful approaches, fostering collaborative environments, and stimulating interest through education and governmental support were discussed as potential solutions.

The panelists' insights offered valuable perspectives on addressing cybersecurity workforce challenges.