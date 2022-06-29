(AGENPARL) – SEATTLE (WASHINGTON) mer 29 giugno 2022
To meet the security requirements to face evolving threats and changing technology, organizations must adapt and shift how they previously managed cybersecurity. While technical controls and capabilities still remain a priority and a commonly accepted method of securing the environment, adapting to a new approach for hiring cybersecurity talent can solve a leading concern of many leaders in a cost-optimized and risk-effective manner.
Hiring cybersecurity talent normally uses a top-down approach that fills most senior roles first before filling roles further down the organizational chart. However, because of cybersecurity worker shortages and the need to focus on specific capabilities from a talent pool—sometimes with nontraditional backgrounds—the standard hiring approach is less effective in this competitive
job market.
While one answer may be to throw money at the problem and hire as many workers as possible to grow your organization over time, this approach does not necessarily lead to reduced risk. No matter what approach to resourcing companies use, the changing nature of cyberrisk means companies need to manage talent flexibly to adapt to new threats.
By preplanning and understanding the organization’s cybersecurity needs holistically,
it is possible to lay out a hiring road map that focuses specifically on the most critical cyber initiatives. Assessing risks, understanding priorities, and then filling those roles based on capabilities and associated skills can reduce risk and protect business value.
Apply talent to value protection
Leading organizations understand the impact and likelihood of cybersecurity and technology risks and seek to reduce those risks to enable the business. It is not just about what capabilities to prioritize, it is also about what skills are needed, if you can find those skills from within the organization, and if you need to hire or outsource.
The talent-to-value-protection approach defines the most important roles that show a maximum reduction in risk or create the greatest amount of security value (Exhibit 1). Priority roles should be filled with the right skills to eliminate risk as soon as possible, utilizing all resources, capabilities, and recruiting efforts.