ThirdSpace ThirdSpace
ThirdSpace Contact Us
Close 0 Reset Search Run Search What are you looking for? Type at least three characters to search. Filter Search Results
  • All Content
  • Blog
  • Page
  • Case Studies
  • Event
  • Resources
  • News
  • Careers
  • Access Centre
  • Technologies
  • Workshops
  • Service
  • Solutions
  • People
Load more
24 September 2017

5 ways for CISOs to bridge the cyber security skills gap

Profile photo of Mat Richards - Security and Mobility.
Written by Mathew Richards

The cyber security skills gap is putting pressure on CISOs in all industries.

Demand for professionals with the right qualifications is currently outstripping supply by 3:1. As a CISO, this means that you’re not only flying the plane, you’re having to navigate it, too.

Given the extremely agile nature of cyber security, it’s unsurprising to hear that there’s a skills shortage within the profession. Unfortunately, this gap doesn’t seem to be letting up anytime soon, which is leaving CISOs with a lack of qualified staff.

“Even when budgets are generous, CISOs are struggling to hire people with up-to-date security skills.” (Diane Ritchey, Editor-in-Chief at Security Magazine)

Bridge the skills gap and build a strong, agile and capable security team

Without the right talent, you could find yourself with little time to be proactive or strategic with your cyber security, or worse, facing serious threats and breaches.

1. Educate the youth

The education system has taken note. STEM courses are being implemented in schools and master’s degrees in cyber security are becoming increasingly popular. But, at the end of the day, it comes down to you to discover and educate the right prospects for your business.

Speaking as a guest lecturer, implementing work placement schemes and running apprenticeships are all effective ways to find the right talent for your role shortages. Organisations should be taking part in activities at local schools, from primary through to secondary level, to support digital competency programmes. This will help establish the foundational behaviours that will benefit their future digital skills development.

This way you can develop young workers into agile and proactive professionals, ensuring that your future employees are as talented and informed as you would like them to be.

2. Define realistic roles and career paths

With cyber security intelligence evolving at a rapid pace, it’s unsurprising that job requirements are constantly changing. However, as roles in the profession are still being defined and created, recruiting expert talent is becoming more and more difficult.

“Despite the spotlight on cyber security skills as a global priority, widely accepted career definitions are still evolving,” explained Candy Alexander, a senior GRC consultant, in an SC Magazine feature. “This lack of consensus makes it difficult for the industry to attract new entrants.”

By maintaining an open mind and clearly identifying what positions your organisation needs, you’ll quickly narrow down who it is you’re looking for. Remove some pre-requisites required for roles – like a compulsory degree in computer science – and cast a wider net. That way you’ll be able to find and nurture a larger range of talent.

A buyer’s guide to Microsoft Enterprise Security

A buyer’s guide to Microsoft Enterprise Security

Remove the complexity from Microsoft’s comprehensive security technology ecosystem. Download the 43-page e-Guide today and understand:

  • What Microsoft security technologies exist – and their key features and benefits
  • How each technology integrates and works together to maximise your security
  • Microsoft 365 licensing requirements – including a handy infographic
Download e-Guide

3. Implement ongoing training

Cyber security is an issue that affects everyone in your business. Therefore, you must ensure that all your existing employees, across every level of your company, should be constantly developing throughout their career with ongoing training.

Depending on your resources and time, you may or may not be able to train your staff alone. As a result, recruiting the help of a third-party could be the best solution for keeping your colleagues informed and bridging the skills gap.

Partnering with companies that recognise the importance of training and awareness can support you in integrating it into your security management framework.

4. Outsource cyber security talent

“Even if the industry was able to fill the estimated 1.5 million open cyber security jobs… we’d still have a skills crisis in security,” explains IBM’s security manager Marc van Zadelhoff.

Filling the talent gap is strenuous work, especially when you’re busy dealing with constant cyber security threats. It’s critical to recognise when you need extra support. Sometimes, the best option for your business is to outsource help rather than take on the burden of trying to hire and nurture the right talent yourself.

Specialist cyber security consultants and tailored services can ease the pressure of the skills gap and, in turn, help you to keep your business one step ahead of persistent threats. By becoming proactive and embracing all the help you can get, your business, data and customers can remain secure, freeing up valuable time for strategic planning and innovation.

5. Use readily available technology

Where outsourcing can’t help, technology can. Pioneers like Microsoft are innovating the cyber security landscape and focusing their efforts on creating useful, accessible tools that support GDPR compliance. These tools help ensure your data and information remains safe, with or without adequate staffing.

Using cloud-ready tools like Cloud App Security allows you to set policies and control access to SaaS apps for your users. Additionally, Advanced Threat Protection uses machine learning to actively detect threats and automatically implement countermeasures before any damage is done.

Technology can offer a helping hand to those suffering from a cyber security skills gap. It can give you the chance to save money and regain control of your data, all from the push of a button.

Next, watch our conditional access and MFA webinar on-demand and learn why these technologies are key to securing your organisation’s assets.

Or download ‘The business case for cyber security’ e-Guide for best practice on how to take a proactive and pre-emptive approach to tackling the issue.

Want more great security content? Subscribe to the ThirdSpace mailing list!

Want more great security content? Subscribe to the ThirdSpace mailing list!

Keep your finger on the pulse of security and Microsoft technology. Submit your business email to get the latest content and event invites straight to your inbox.

Profile photo of Mat Richards - Security and Mobility.

About Mathew Richards

Head of Mobility & Security

As head of our Mobility & Security practice, Mat’s responsibilities include ensuring that our technical knowledge and delivery capability are fully up to speed and current, as well as creating a...


You may also like...


Remote working fuels 2022 Cyber Essentials changes – Are you ready to meet the new security standard?


A quick guide to Microsoft 365 E5 Security and Compliance add-ons


Microsoft 365 licensing: E3 vs. E5 – Which is right for you?

Recent Blog Articles

View All
Related topics

A buyer’s guide to Microsoft security

Understand what each Microsoft technology does and how they all integrate.

Download 43-page Guide

Need some help?

Send us your questions or feedback.

Friendly folks are standing by!

Contact Us
Award-winning solutions Award-winning solutions

Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.

ThirdSpace Please upgrade your browser

You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:

Windows Mac

Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.