Top Tips for hiring cybersecurity talent

Engineering / Top Tips for hiring cybersecurity talent

Tristan Chinn

Tristan Chinn
April 13, 2018

Cyber threats. It’s a topic that’s leapt to the top of the agenda. But does your business have the key skills to deal with the mounting dangers to your cybersecurity?

In this blog we’re going to explore the fear that exists, and the ways organisations can recruit to safeguard against attacks.

We’ll start off by exploring the growing concern amongst CEOs.

The latest edition of PwC’s Annual Global CEO Survey found that 40% of respondents were ‘extremely concerned’ about cyber threats in relation to their company’s growth prospects.

That’s a 16% increase on 2017’s findings.

The Hiscox Cyber Readiness Report goes into greater detail about the global landscape.

Their 2018 report was formed by 4,100 executives, department heads and IT professionals from the US, UK, Spain and The Netherlands.

And it found that seven out of 10 of the organisations polled failed the cyber readiness test with almost half (45%) of the 4,103 businesses surveyed hit by at least one cyber attack in the past year.

The cost of those breaches was as large as $25m in the US and $20m in Germany and the UK.

It’s probably no surprise to hear then that spending is set to rise. The Hiscox report found that nearly three out of five respondents (59%) plan to increase their cybersecurity budgets in the year ahead.

Why engineering must react

Every sector needs to deal with its own cybersecurity challenges. These threats aren’t limited to one single space.

However, the nature of engineering and manufacturing means there are unique potential problems to address.

Professor Raj Roy of Cranfield University offered more context to this thinking when speaking to The Engineer.

In his opinion “cybersecurity can no longer be an optional extra for engineers; it must be a core competence of the profession.”

Being cyber aware isn’t just about having a strong password or getting the IT guy to set-up firewalls, especially when it comes to engineering.

Engineers develop new products by bringing together a number of components from across the world.

But Roy asks: “Do we understand the security behind those components and how secure they are during their lifecycle? How secure are the materials we are using and can they stand up to threats not just now but in the future?”

Or to put it another way, does your business have adequate protections in place? Or a workforce with the necessary knowledge to react to cybersecurity threats?

Cyber threats and skills shortages: the double whammy

The threat’s increasing but it’s becoming harder to bring in the right skills to tackle the cyber menace. That’s a real headache.

Going back to the PwC survey, the ‘availability of key skills’ (38%) came in just behind cyber threats amongst the issues CEOs rate themselves extremely concerned about.

And when we drill down into the specific issue at play here there are even more alarming statistics.

The 2017 Cybersecurity Jobs Report compiled by industry leading website Cybersecurity Ventures predicts there will be 3.5m unfilled cybersecurity positions by 2021.

Where’s the talent going to come from? More importantly, how are you going to find it and protect your business?

There’s the problem in a nutshell.

So, let’s do something about it. Here are some top tips for hiring the best cybersecurity talent:

  • Take a deep dive. Posting ads on job boards is just scratching the surface. A CSO insider met with cybersecurity pros and found that they’re far more likely to engage with a professional recruiter than an HR representative. Conduct a proper executive search and network, network, network.
  • Look around you. Don’t expect a bunch of cyber knights (some label them ‘unicorns’) to come riding to the rescue. Take a look around your organisation. You might not find the experience you desire but there’s likely to be the necessary IT skills. Mentor, educate and invest in your existing people.
  • Be creative. The talent you’re looking for doesn’t tend to communicate through traditional channels. Meet prospective candidates on their terms and reach out via Social Media, at industry events and forums. Experiment and take a break from the norm.
  • Enhance your attraction. When we talk about anything cyber it conjures up a number of images. Cutting edge. Advanced. The new. Therefore, it stands to reason that your brand needs to look the part and be aligned with these characteristics to appeal to cybersecurity pros.

If you’d like to chat about attracting cyber talent then drop me a line at

Back to Insights

What to read next