The acceleration of digitalization during the pandemic has also led to an acceleration in cybercrimes. According to Cybercrime Magazine, this type of criminal activity is expected to cause $6 trillion in damages to the global economy and will continue to grow 15% annually to reach $10.5 trillion by 2025. As a result, business demand for cybersecurity professionals is also rising rapidly, making these skills one of the most in demand.
According to the US Bureau of Labor Statistics, the job market for information security analysts is expected to grow 31% by 2029, far faster than the 4% projected for the overall job market in the world’s largest economy. Furthermore, salaries for these IT specialists are rising more quickly than for most other roles, according to Forbes, which reported that professionals can expect on average a $15,008 increase in 2021 alone.
CNN reported that a 2020 global survey showed 3.12 million cybersecurity roles went unfilled. These range from entry-level analysts to executive leaders responsible for security strategy for their organizations. At every pay grade, there are shortages of cybersecurity professionals needed to counter the surge of digital crimes.
This, of course, has made it more difficult for companies to acquire the skill sets they need in an increasingly risky world, even as they convert more of their businesses to online. Attractive salaries, of course, is one way to ensure employers secure those skills, but this is an untenable approach. Understanding what motivates this group of in-demand workers, developing strategy that focuses on these enticements and leveraging a strong employer brand are key to building a sustainable talent pipeline.
According to (ISC)2, a global cybersecurity professional organization, most of those working in cybersecurity have been in the field for a relatively short amount of time. Of 1,024 working professionals surveyed in the US and Canada, only 29% have more than eight years of experience. And a majority (75%) are under 45 years old. A majority (59%) entered the cybersecurity field after transitioning from another IT job.
When it comes to education, these professionals are highly educated. About 40% have a bachelor’s degree while 33% hold master’s, and 8% have doctorates.
With a large percentage possessing at least one college degree, this might explain why compensation is not a top motivation for this group. In fact, pay isn’t even among the top five motivating factors for these professionals, according to (ISC)2. Rather, a majority (52%) say they are motivated by the ability to solve problems as the primary reason for choosing this field, followed by a perception that their job fits their skill set and interests. A high demand for cybersecurity skills was the third-most-cited factor.
With this in mind, how can you attract talented cybersecurity professionals to your organization and get them to stay? Focus on the following three areas, and you can improve your strategy.
1. Internal mobility. As (ISC)2 points out in its research, a majority of these workers entered the field through a different IT job, so consider the high-quality talent you already employ within your IT function. The ability to problem-solve, career advancement potential and a desire to work in a continuously evolving field are all top motivating factors. While an IT background isn’t a prerequisite, it can help accelerate an internal candidate’s ability to be productive in cybersecurity more quickly. However, some candidates without IT experience are also finding their way into this field. In fact, 26% of those with fewer than three years of cybersecurity experience started in fields other than IT.
2. Continuous training. More than half of those surveyed say an education in cybersecurity is a “nice to have” qualification so organizations should consider how to continuously upskill their workforce. Skilling has become more critical to the talent strategy of companies during the pandemic, and this is especially true for cybersecurity as it is a rapidly evolving field. Whether a company is recruiting externally or looking inward for talent, the promise of continuous training is a powerful way to attract experienced and new workers. The proliferation of certification and other skilling programs have made it easier for businesses to keep their security teams in tune with new threats and practices.
3. Create an effective employer brand strategy. Because compensation isn’t one of the most compelling motivators for cybersecurity professionals, leverage your employer brand and employee value proposition to become a workplace of choice. This means emphasizing the benefits of a career with your organization — opportunities to solve challenging problems, working in a highly dynamic field, serving in a critical role for the business — in your recruitment messaging. Don’t forget to focus on other differentiators, too, such as workplace environment, job flexibility, a nurturing culture, etc. It’s important to make your employer brand stand out during these competitive times.
How can you further enhance your employer brand? The 2021 Randstad Employer Brand Research provides helpful insights on brand building through our global survey of 190,000 working-age adults in 34 markets.