The Challenge of Recruiting Cybersecurity Talent
May 4, 2022 – “Recruiting cybersecurity executives can be extremely challenging,” said Frank Scarpelli, managing partner and chief executive officer of technology-focused search firm HireWerx. “The top performers are certain to be fully engaged, so posting a job advertisement on LinkedIn unfortunately isn’t likely going to yield the best results. That said, there are many factors that can motivate cybersecurity executives to make a move. For example, a lack of buy-in by the board or the C-suite, a toxic company culture, inadequate budget, or insufficient recruiting and training capabilities that hinder building high-performing teams.”
Some of the key areas of cybersecurity recruiting include threat intelligence, network and endpoint security, mobile security, cloud security, IoT/IIoT security, behavioral detection, deception security, risk remediation, continuous network visibility, quantum encryption, and website security.
“Recruiters look for education, certifications, and other credentials to help validate the skills and capabilities of candidates,” said Mr. Scarpelli. “That said, it is more important than ever to be able to assess experience and applied skills, especially those that may be transferable or provide a foundation upon which a company can build upon through training.”
As technology evolves and becomes ever more sophisticated, the demand for experienced chief information security officers has never been higher. “No longer can companies trust that their algorithms, code, or other intellectual property will remain protected,” said Mr. Scarpelli. “Turnover for this technology leadership position is unusually high due to the level of stress involved. Let’s face it, the consequences of any breach will likely fall directly at the feet of the CISO. The average tenure of a CISO is 18 to 26 months according to multiple sources. Cybercrime Magazine states that 24 percent of Fortune 500 CISOs are on the job for just one year.”
Key Qualifications
It is critical that today’s CISO bring a combination of technical and business acumen to the table, said Mr. Scarpelli. Equally important, the individual must be able to communicate effectively at the executive and organizational levels. Some of the direct impacts of the role may include risk mitigation, building a strong cybersecurity culture, establishing processes to meet and anticipate current trends of threats, and positively impacting the quality of data across the organization.
“The CISO is in a unique position to view data across the enterprise, which allows the business to identify opportunities for competitive advantage,” said Mr. Scarpelli. “Building a strong security process can oftentimes be a unique selling proposition for the company that offers a distinct competitive advantage.”
Moving forward as technology continues to evolve, it is imperative for CISOs to operationalize security rather than merely focus on compliance and oversight,” said Mr. Scarpelli. What’s more, depending on your structure, ensuring alignment with the business as well as more traditional IT infrastructure areas is critically important.
Mr. Scarpelli said that some key areas to consider as the cyber landscape evolves would be: how enterprise API ecosystems will reveal new vulnerabilities, the increasing sophistication of phishing attacks, new risks that 5G will bring particularly in the area of IoT, and the potential vulnerabilities that can compromise smart devices in order to illustrate network infrastructures.
Finding Technology Talent
Chicago-based HireWerx is a boutique talent acquisition solution provider specializing in serving technology and technology-enabled companies. Mr. Scarpelli has dedicated his career to building and scaling companies through strategic business initiatives focusing on strategy, people, process, and technology. With a strong understanding of technology and business, he leverages in-depth knowledge of skills, behaviors, competencies, and effective leadership characteristics to build high-performing teams and recruit top executives.
“There is a demand for talent like I haven’t seen in over 20 years since the dot-com boom,” Mr. Scarpelli said. “Our focus is on technology, so my perspective is influenced by our industry specialization. I don’t see any slowdown in demand for the search industry on any level. I see it trending upwards. What’s more, the fact that companies are hiring at the management and executive level remotely is really changing the game.”
“Many of our clients, including Fortune 500 CPG organizations, were not negatively impacted over the past 18 months,” said Mr. Scarpelli. “In fact, they saw booming sales growth. Because the pandemic has boosted digital acceleration, we are seeing rapid adoption of technology, which is what I believe is behind the productivity surge. We are seeing strong movement in the following sectors: medical technology, software, and SaaS, IoT, as well as wireless technology, especially in the area of 5G.”
“As a firm, we are always adjusting our services to accommodate our clients’ unique needs. I’d say the biggest change has been conducting virtually all of our meetings over video,” Mr. Scarpelli said. “It has increased the frequency of face-to-face communication tenfold. And more face time is always a good thing.”