Cybersecurity personnel may seem superhuman, but they crave the same principles of career satisfaction/growth as much as the next human!
When employees began quitting their jobs en masse in 2021 during what became known as the Great Resignation, hackers pounced on the opportunity to breach vulnerable data, prompting employers to start a desperate search for cybersecurity personnel to replacement lost talent or to shore up defense capabilities.
By protecting sensitive data, fostering a positive workplace culture and being open to hiring people from diverse backgrounds, companies can replenish their cybersecurity staff in no time.
Here are the nine ways that firms have found to maintain a strong cybersecurity posture amid budgetary and economic constraints.
- Think outside the box
The perfect candidate does not have to be perfect. Look for people who are eager to learn and who show the right soft skills such as good communication, problem-solving abilities and willingness to work as part of a team. - Open the door
As many cybersecurity professionals may have taught themselves a new coding language, framework or tool without formal training, they are self-driven, intelligent people. Barring such candidates from applying due to the lack of paper qualifications or several years of experience quickly dries up the pool of potential workers. - Get with the times
Part of the reason so many cybersecurity workers have resigned is because they were too overworked, with too many threats and vulnerabilities to keep track of.
It can be difficult, but seek to find a balance between improving employee work life while also being mindful of the pressures you may be putting on your security team. The days of casting suspicion on people who want to work remotely are coming to a close. Job listings should take this into account and advertise flexible work schedules, competitive pay and a friendly, positive company culture with rewards for free thinkers.
Also, remote-working and productivity tools can make employees happier, but they can also create major cybersecurity risks so this area needs to be addressed. - Look inside
When trying to fill vacancies, first search from within. Many current workers could be happy to change roles even if they would not say it outright. Considering them can cut out several steps in the hiring process.
Managers can offer deserving team members a promotion that comes with increased benefits. It is only fair to give them a raise in pay when they take on more important responsibilities. - Keep things positive
Money should not be the only motivator for employees to stick around. Firms should create a positive workplace culture where growth is encouraged, managers help people when mistakes occur, and workers feel valued.
This does not mean employers should silence workers who are struggling. Part of having a positive workplace culture means managers will listen when their employees voice legitimate complaints. Forcing people to bottle up their emotions only increases their odds of quitting.
Let employees know they are making a difference and are doing something meaningful. However, if they have no chance of progressing in their career, they can end up feeling like they are just spinning their wheels—so do provide continual growth opportunities to them. - Be a fair manager
One thing that makes employees feel competent and valued is if their employer provides a moderate amount of management. However, do not micro-manage— which sends a message of distrust.
Pointing out every tiny mistake people make is a surefire way to discourage them, since it gives the impression they cannot do anything right. A good manager will step in and help while explaining the process for complicated tasks.
Good employers will ensure that all managers and teams are always open to feedback, good or bad. They will also recognize and reward people who work harder or achieve new milestones. Treating everyone equally regardless of work ethic leads to disgruntled overachievers and complacent slackers. Being proactive goes a long way toward retaining employees and helping them be productive. - Provide continuous training
It is better to be hyper-vigilant than complacent. Strive to have 100% visibility of security configurations, access/user matrixes, SSL certificates, software versions and security headers regularly, and keep employees updated on their policies while providing ongoing cyber security training, especially where phishing and social engineering risks are concerned. - End on good terms
Even if an IT employee decides to reject counter-offers and leave, employers should be civil and professional towards them. This reduces the chance of an accidental or intentional data breach by disgruntled workers. - Shut down accounts
Quickly deactivate the accounts and access rights of resignees at the soonest opportune moment. Close their email accounts, group chats and access to company databases.