Light Dark
October 6, 2016 By Douglas Bonderud 3 min read
CISO

Chief information security officers (CISOs) face a critical cybersecurity skills gap. Unemployment for security professionals has reached zero percent, and there are still more than 1 million open jobs.

CISOs are often at their wits’ end looking for ways to attract top IT professionals without breaking the budget or compromising the efforts of their existing IT team. One oft-untapped avenue is the marketing department. Here’s a look at the CMO’s role in the talent acquisition marketing of security experts.

A Growing Gap

The cybersecurity skills gap isn’t unexpected. Experts have been warning about talent shortfalls and offering dire predictions about the state of IT security for years. As noted by Forbes, the cost of hiring a security expect — if you can find one — is rising. Security professionals in Minneapolis, for example, enjoy an average salary of $127,757.

Where did this problem come from? Surely, companies must’ve seen the writing on the wall as both technology and security threats underwent exponential growth? In most cases, they absolutely did. But knowledge doesn’t translate directly into power.

While businesses could track the burgeoning need for IT talent, education and enrollment simply didn’t match increasing demand. Absent standards and a solid degree track, security effectively became a homegrown discipline, putting even more pressure on overworked IT admins and staff. For CISOs, meanwhile, the cybersecurity gap has led to a frustrating dance between overspending and sourcing new talent.

Recruitment Reimagined

So how can companies reinvigorate their talent acquisition marketing? It starts with the understanding that while CISOs and IT professionals know the ins and outs of company efforts and long-term plans, those on the outside often have no idea that legacy tech shops or historically manufacturing-driven companies are actually on the cutting edge of security.

Consider a recent General Electric advertising campaign. As Adweek reported, the American multinational conglomerate rolled out a new series of advertisements in which a new graduate and programmer, “Owen,” enthusiastically tells his friends and family that he’s landed a job at GE. The friends respond with a mixture of concern and confusion. Surely, Owen won’t be “changing the world,” as he says, or even working with computers. Chances are he’ll be swinging a sledgehammer or driving a train, right?

The ad campaign is a clever way for the brand to poke fun at itself and its reputation. More importantly, it recognizes that the public at large may not know what GE knows about itself: It’s a forward-thinking, technology-driven company that’s also a great place to work.

Talent Acquisition Marketing

Partnering with the CMO and marketing department may be just the push CISOs need to put a dent in the IT skills gap. Instead of assuming that corporate focus on IT security is a well-known fact, effective ad campaigns can help showcase the innovative efforts already underway. They also engender the perception that security professionals are highly sought-after sources of talent.

More importantly, however, effective ad campaign craft stories that clearly communicate corporate culture. With security professionals now able to pick and choose job type and location, companies need to produce more than just an advertising blitz — they need a mission statement that makes it impossible for new graduates to ignore the clarion call of CISOs.

A Wider Focus to Close the Gap

Ads are an excellent start, but other methods to boost hiring are also worth considering. CSO Online suggested a wider focus: Rather than writing job descriptions for the perfect candidate, CISOs should embrace the broader IT experience of employees whose skill sets might not match corporate needs but demonstrate the capacity to “manage projects and to act as a liaison between the technical staff and the business department.”

Another option is to invest in current talent. Existing IT professionals could take on a significant portion of the security workload with more time and training. While this may mean outsourcing less critical IT tasks, the payout in terms of logistical stress relief and long-term loyalty are often worth the cost.

For CISOs, tracking down the right talent is only half the battle. Convincing IT professionals to take the job is no easy feat when the world is their oyster. By partnering with the CMO, leveraging a fresh perspective on the organization and expanding hiring horizons, however, CISOs can bolster talent acquisition marketing to help bridge the cybersecurity skills gap.

 |  |  | 
Douglas Bonderud
Freelance Writer

More from CISO
October 27, 2023

The evolution of 20 years of cybersecurity awareness

3 min read - Since 2004, the White House and Congress have designated October National Cybersecurity Awareness Month. This year marks the 20th anniversary of this effort to raise awareness about the importance of cybersecurity and online safety. How have cybersecurity and malware evolved over the last two decades? What types of threat management tools surfaced and when? The Cybersecurity Awareness Month themes over the years give us a clue. 2004 - 2009: Inaugural year and beyond This early period emphasized general cybersecurity hygiene,…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature