Keeping Your Wizards: Onboarding and Retaining Cybersecurity StaffAugust 24, 2022 - 2 min read
How do we keep our Wizards? I’m not referring to the spell-casting, long-bearded, dungeons and dragons characters. I’m referring to those invaluable cybersecurity staff members in your Security Operations Center (SOC) that handle your most critical responsibilities and tasks.
These are the heroes that make an impact within your organization by managing crucial remediations, code changes, or risk analysis.
You can’t afford to lose these InfoSec superstars. If your wizards disappear, so does their institutional knowledge. That’s an immediate, painful, and potentially disruptive void to refill.
Cybersecurity Staffing: A Real Business Concern
Consider these findings made in 2022:
“About one million people work in cybersecurity in the U.S., but there are nearly 600,000 unfilled positions.” The Philadelphia Inquirer (2002)
And the situation is not getting better…
“In the last 12 months, job openings have increased 29%, more than double the rate of growth between 2018 and 2019.” Gartner TalentNeuron (2022)
But the most telling metric is how staffing shortage impacts actual security vulnerabilities. According to a recent Forbes report (April 22, 2022):
“Continued Security Staff shortages are making businesses more vulnerable to cyberattacks…Talent shortages have a tangible impact on security programs. As colleagues leave and roles stay open, they are struggling to maintain security standards, particularly around compliance and supporting secure development. Vulnerabilities are more likely to slip past undetected, and teams are concerned they’re not ready to respond to cyberattacks.”
The InfoSec Labor Market is Tighter Than Ever
Cybersecurity professionals with vetted, practical expertise are in high demand. While online certifications have become extremely popular, CISOs and InfoSec VPs are mostly competing for workers with real hands-on experience.
Employers are becoming more aggressive in their efforts to poach skilled cybersecurity workers from other organizations and competitors. So how can you ensure that your wizards – in which you’ve invested serious time and money – stay with you?
Keep Your Cybersecurity Staff Engaged
Employee Fulfillment is Essential for Retention
“Employee engagement is an investment we make for the privilege of staying in business,” states Ian Hutchinson, Life & Work Engagement Strategist.
We’ve all heard stories of wizards running for greener pastures after they felt like they were being underutilized or under-appreciated. I’m sure many of us have felt the same way in our past (or even current) job positions.
For Security Wizards, the most complex, crucial, and challenging work is often the most fulfilling.
Make sure that your employees are doing what they were hired to do instead of “donkey work” (as Michael Douglas would put it).
Cybersecurity Staff Pain Points: A Problem-Solving Example
Your wizards are spending an inordinate amount of time validating reports and sifting through thousands of results. They’re feeling throttled instead of feeling the magic.
The CISO removes these relative menial tasks and optimizes workflows to ensure that team members are doing the job they signed up for. Now the wizards can spend their precious time on the critical tasks that excite them to affect real and significant change.
With this strategy, you’ve just improved your risk posture in tandem with employee morale. You’ve also made it easier for your organization to attract and recruit new wizards.
Bonus Impact on the Rest of the Cybersecurity Team
Your wizards will feel more fulfilled and also have the bandwidth to teach the rest of your security staff members. Do other employees in your cybersecurity workforce demonstrate the potential to become a sorcerer themselves? Now wizards can help those rising stars shine!
Let your wizards do what they do best to help strengthen your employees’ core happiness, progression, and retention. Worst-case scenario? If a wizard vanishes, you’ll still have some up-and-coming apprentices who are ready to practice their own cybersecurity magic.
Protect Your Prized Assets
Keep your wizards! How can you create the Ideal Security War Room, and also keep your wizards? Learn about Building the Ideal War Room by downloading our free whitepaper.