ThirdSpace ThirdSpace
ThirdSpace Contact Us
Close 0 Reset Search Run Search What are you looking for? Type at least three characters to search. Filter Search Results
  • All Content
  • Blog
  • Page
  • Case Studies
  • Event
  • Resources
  • News
  • Careers
  • Access Centre
  • Technologies
  • Workshops
  • Service
  • Solutions
  • People
Load more
24 September 2017

5 ways for CISOs to bridge the cyber security skills gap

Written by Mathew Richards

The cyber security skills gap is putting pressure on CISOs in all industries.

Demand for professionals with the right qualifications is currently outstripping supply by 3:1. As a CISO, this means that you’re not only flying the plane, you’re having to navigate it, too.

Given the extremely agile nature of cyber security, it’s unsurprising to hear that there’s a skills shortage within the profession. Unfortunately, this gap doesn’t seem to be letting up anytime soon, which is leaving CISOs with a lack of qualified staff.

“Even when budgets are generous, CISOs are struggling to hire people with up-to-date security skills.” (Diane Ritchey, Editor-in-Chief at Security Magazine)


Bridge the skills gap and build a strong, agile and capable security team

Without the right talent, you could find yourself with little time to be proactive or strategic with your cyber security, or worse, facing serious threats and breaches.

1. Educate the youth

The education system has taken note. STEM courses are being implemented in schools and master’s degrees in cyber security are becoming increasingly popular. But, at the end of the day, it comes down to you to discover and educate the right prospects for your business.

Speaking as a guest lecturer, implementing work placement schemes and running apprenticeships are all effective ways to find the right talent for your role shortages. Organisations should be taking part in activities at local schools, from primary through to secondary level, to support digital competency programmes. This will help establish the foundational behaviours that will benefit their future digital skills development.

This way you can develop young workers into agile and proactive professionals, ensuring that your future employees are as talented and informed as you would like them to be.

2. Define realistic roles and career paths

With cyber security intelligence evolving at a rapid pace, it’s unsurprising that job requirements are constantly changing. However, as roles in the profession are still being defined and created, recruiting expert talent is becoming more and more difficult.

“Despite the spotlight on cyber security skills as a global priority, widely accepted career definitions are still evolving,” explained Candy Alexander, a senior GRC consultant, in an SC Magazine feature. “This lack of consensus makes it difficult for the industry to attract new entrants.”

By maintaining an open mind and clearly identifying what positions your organisation needs, you’ll quickly narrow down who it is you’re looking for. Remove some pre-requisites required for roles – like a compulsory degree in computer science – and cast a wider net. That way you’ll be able to find and nurture a larger range of talent.

Free e-Guide: The business case for cyber security

Take a proactive and pre-emptive approach to cyber security.

  • Implement a culture of continuous assessment and audit
  • Bridge the cyber security skills gap within your organisation
Get my free e-Guide

3. Implement ongoing training

Cyber security is an issue that affects everyone in your business. Therefore, you must ensure that all your existing employees, across every level of your company, should be constantly developing throughout their career with ongoing training.

Depending on your resources and time, you may or may not be able to train your staff alone. As a result, recruiting the help of a third-party could be the best solution for keeping your colleagues informed and bridging the skills gap.

Partnering with companies that recognise the importance of training and awareness can support you in integrating it into your security management framework.

4. Outsource cyber security talent

“Even if the industry was able to fill the estimated 1.5 million open cyber security jobs… we’d still have a skills crisis in security,” explains IBM’s security manager Marc van Zadelhoff.

Filling the talent gap is strenuous work, especially when you’re busy dealing with constant cyber security threats. It’s critical to recognise when you need extra support. Sometimes, the best option for your business is to outsource help rather than take on the burden of trying to hire and nurture the right talent yourself.

Specialist cyber security consultants and tailored services can ease the pressure of the skills gap and, in turn, help you to keep your business one step ahead of persistent threats. By becoming proactive and embracing all the help you can get, your business, data and customers can remain secure, freeing up valuable time for strategic planning and innovation.

5. Use readily available technology

Where outsourcing can’t help, technology can. Pioneers like Microsoft are innovating the cyber security landscape and focusing their efforts on creating useful, accessible tools that support GDPR compliance. These tools help ensure your data and information remains safe, with or without adequate staffing.

Using cloud-ready tools like Cloud App Security allows you to set policies and control access to SaaS apps for your users. Additionally, Advanced Threat Protection uses machine learning to actively detect threats and automatically implement countermeasures before any damage is done.

Technology can offer a helping hand to those suffering from a cyber security skills gap. It can give you the chance to save money and regain control of your data, all from the push of a button.

Next, watch our conditional access and MFA webinar on-demand and learn why these technologies are key to securing your organisation’s assets.

Or download ‘The business case for cyber security’ e-Guide for best practice on how to take a proactive and pre-emptive approach to tackling the issue.

You may also like...


The key to SOCcess – 5 things you need to consider for improved threat monitoring and response


What is a security operations centre (SOC)?


Identify, analyse and remediate: What is Microsoft 365 Defender?

Recent Blog Articles

View All
Mathew Richards
Head of Mobility & Security
Learn More

Get in touch

We'd love to hear from you! Our friendly team can be reached Monday through Friday, from 9am to 5pm.

Contact Us
Award-winning solutions Award-winning solutions

Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.

ThirdSpace Please upgrade your browser

You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:

Windows Mac

Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.