Recently, our CEO Kris Rides put out a statement on LinkedIn regarding the cause of the cyber security skills gap. The post quickly gained traction and encouraged an engaging conversation among the thousands of security professionals that it reached. Kris’ main point is essentially that the cause of the cyber security security skills gap is more so a lack of invested companies rather than a lack of willing candidates. He maintains that even though candidates must play a strong part by volunteering or spending extra time on certifications, the onus must equally be placed on the companies as well. It isn’t good enough for these companies to just talk about doing it, they have to go out there and actually try to do it. Kris ends it off with a call to action encouraging companies to invest in people entering the cybersecurity industry and also raises the question, “What do you think is stopping us seeing more internships, apprenticeships and entry level cyber security positions being offered?” A few insightful responses that stood out to us are as follows.
Senior Enterprise Cybersecurity Architect:
“I couldn’t agree more. The U.S. Military doesn’t hire the fighting force, they train them. The same needs to be true in cybersecurity. Take everyone willing to learn. Train to the baseline for the cybersecurity position.”
InfoSec Recruiter:
“Investing more time in training employees can save more time recruiting on the backend of that. What’s better, recruiting for an unfilled job for 6 months, or training someone with 5/10 skills and having them ramped up in 3 months?”
Cybersecurity Consultant:
“You touched on it a bit in your post. We have an elitism complex within the cyber industry. I have industry colleagues who exclaim: “I jumped through 24 hoops to enter this workforce, and so should you!” Yet, we should be focused on breaking those barriers down and asking why it took so many hoops to enter in the first place. How can we as a whole make this a more enticing industry to join, grow, and thrive in at all stages of your career?”
Cybersecurity Professional:
“I think the issue is that even for entry level cyber security, you’re supposed to have 3-5 years of IT experience. As a newcomer to cyber security and IT, that’s the issue I’ve ran into at least. I can teach myself enough to get certifications, but without hands-on work experience, it’s hard to sell myself to employers for entry level positions.”
It’s time to start switching up how we think. If we want to see any improvement in the cybersecurity skills gap, companies should be spearheading that change. Many talk the good talk but when it comes down to it won’t pull the trigger unless they know for certain they can profit off it.
That is why we at Tiro Security have taken it upon ourselves to launch The nextCISO Apprenticeship. The program seeks to bridge the cybersecurity skills gap by educating a diverse set of students at zero cost. At the end of this rigorous 6 month apprenticeship, they will graduate with industry recognized certifications, commercial experience with the end goal to help them find their first position in cyber security. If you would like to help out and do your part in bridging the gap, we are looking for more commercial partners that are interested in offering our graduates opportunities at the end of the program. To learn more about the initiative, click here for more information and those interested in helping can contact our CEO Kris Rides via LinkedIn.
Tiro Security are a specialist Cyber Security staffing and professional services company. Formed in 2012, headquartered on the West Coast and helping clients all over the USA, Cyber Security is ALL we do. Tiro Security is extremely active in the cyber security industry and regularly speaks as experts on staffing, careers and retaining talent at major conferences including DEFCON, ISC2 Congress, ShellCon, BSides and RSA.