Trustwave Rapid Response: CrowdStrike Falcon Outage Update. Learn More

Trustwave Rapid Response: CrowdStrike Falcon Outage Update. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

The Great Cybersecurity Talent Migration has Begun, Here’s What you Can Do

The macro-economic consequences of COVID-19 have reached cybersecurity and the talented people who keep us secure. In some sense, invisibility is a hallmark of good cybersecurity, back-end operations running smoothly and keeping the assets, operations and reputation of an organization from harm. But this invisibility is built on proper resourcing, and in the last 18 months, we’ve seen a progressive erosion of the human resources behind successful organizational cybersecurity.

Let’s Call This the Great Talent Migration

At any given time, there are a limited number of top cybersecurity professionals. When you add border closures, data sovereignty concerns, reduced student numbers in the pipeline and the incredible systemic network stressors of work-from-home, you basically create a situation in which burn-out is high and talent demand is even higher.

The consequence is a large number of organizations fighting for a very limited number of professionals. On the surface, an organization might look like its business-as-usual, but behind the scenes, it is scrambling for critical resources, with the end result being both short- and long-term consequences for the organization’s security and our society’s collective security.

Moreover, business confidence is rising in Australia and globally, accelerating the trend because job availability increases even more. Then there are record levels of employee fatigue. Worldwide Gartner research this Sept showed 34% of human resources leaders are significantly concerned about employee turnover, rising to 91% increasingly concerned as the economy improves in the coming months.

At the same time, some cybersecurity experts are opting to leave their career due to the aforementioned burn-out, a reprioritization of their personal goals due to the pandemic (the “great resignation” anyone?), or a shift in participation due to life stages. From recruitment to internal development, incentives and culture, what levers have the most significant impact?

So How Do You Attract and Retain Talent in this Environment?

Cyber specialists will search for employers that support remote work, have interesting projects that enrich their life experience, and organizations that actively appreciate their efforts. And not just through financial bonuses, but as a culture that supports them and their growth. Creating a culture that fosters inclusivity, openness, diversity along with creating a fun environment will be essential to retain your current staff.

Locally and now globally, Trustwave has set up a Diversity Network Initiative (DNI) designed to drive diversity and inclusion awareness through education and programs to make our organization a great place to work and a great team with which to conduct business. Our DNI has five streams of focus: 

  • Gender
  • LGBTQIA+
  • Indigenous
  • Culture
  • Well-being & Mental Health

Trustwave currently has a laser-like focus on gender within the business, and I’m proud that 50% of our local leadership team are women. DNI has also run mental health sessions, including gathering stress release tips from an organization that offers therapy dogs.

A critical element of retaining talent is openness. Fostering a culture of open dialogue between all levels of the business ensures staff knows the mission and how we’re going to get there is critical. Our “Ask Us Anything” open forums give employees a chance to ask leaders anything. It is often business-related, but not always so.

We’re celebrating big wins and small ones along the way. Recognizing contribution is not just monetary - Trustwave has a Cheers portal where anyone can call out a teammate or a far-flung employee who makes a difference to their task, day, or experience. This shout-out helps connect us all.


17242_minimizecybersecurityskillsshortage-cover
WHITE PAPER

How To Minimize the Impact of the Cybersecurity Skills Shortage

Organizations across the world have unfilled cybersecurity vacancies, and the cybersecurity professionals already on staff are pushed to their limits. Something must change to address the staff shortages that are limiting organizations’ ability to erect and maintain strong defenses. This paper examines the cybersecurity skills shortage and advocates for the use of advanced security services and technologies that more effectively leverage the time of current professionals. The paper references data from an in-depth survey of 130 cybersecurity professionals in mid-sized and large organizations.

 

Offloading or Reframing?

As people leave jobs, the remaining staff might be asked to take up the slack left by those who have moved on. This activity generally includes shouldering new duties, but organizational knowledge retention is also becoming a significant issue.

Many organizations are looking to take advantage of outsourced service vendors who add human intelligence (not just AI and automation) to the tasks left behind by those who have left. For example, cybersecurity risk management requires analytics and then assessment based on a human view of how the risk impacts an organization, taking in the needs of the business and the potential effects to understand the necessary actions.

One method is enticing people who stepped out of the industry to return and asking them to handle those fixed scope engagements. If done successfully, this can convince these folks that they can have their side gig on the coast/semi-retirement/time with children and explore new challenges and project goals they’d like to get their teeth into -- help them.

Bring in the Experts; Recycle Knowledge

Engaging specialized experts for scoped tasks or gigs can meet the business needs for compliance or significant projects and get the job done faster and with greater effectiveness. And maybe at the same time skill up your existing employees. More cyber departments are using services to remove the burden of low- and high-level threat detection and response. This action frees up resources for security analytics, specific threat prevention initiatives, and key projects that uplift an organization’s cyber posture. I expect organizations are reconsidering their need for data sovereignty for some aspects of cybersecurity and using global talent and services to fill the gap.

The fastest way to adopt best practices, and one that reduces the burden on staff, is to re-use what others have done before. Our business shares the work we’ve done with clients via a portal that anyone can download mostly for free. The work derived from major Australian and global clients on topics such as presenting to the board or incident response guidelines and metrics we’ve seen work in an industry like theirs. Why build from scratch?

Look Beyond the IT Silo for Talent

Smart organizations are also looking inward and turning to staffers already on board to grow cyber talent – John in Legal? Sally in Marketing? Well-rounded humans have thrived in cybersecurity from the beginning because while coding is literally binary, cybersecurity is not. In the face of a cyber degree explosion, we’re still hiring humanities grads, lawyers and those told they must learn to code but never did because the optimal cybersecurity team is a truly diverse one.

There’s no doubt a great cybersecurity migration is underway, but if you tackle it head-on, there’s plenty you can do to emerge more robust and more secure as an organization.

Latest Trustwave Blogs

De-Risk Technology Transitions and Save Money with Trustwave

With all the issues happening in cybersecurity technology lately, such as CrowdStrike’s software update that caused massive outages worldwide last week, it behooves all organizations to take a...

Read More

How Cybercriminals Use Breaking News for Phishing Attacks

Trustwave SpiderLabs issued a warning that threat actors may attempt to take advantage of CrowdStrike’s software update that caused widespread outages by using the news as the center of a social...

Read More

Trustwave Response: CrowdStrike Falcon Outage Update

Trustwave is proactively assessing and monitoring our clients who may have been impacted by CrowdStrike’s recently rolled-out update for its Windows users. The critical issue identified with...

Read More