Over the last few years, we’ve seen huge shifts in the IT and technological requirements or organisations in all sectors. The competencies your organisation sought from IT hires in 2017 will likely mean very little now, and even the way you spec’d cybersecurity job roles in 2020 will most likely not be the same in 2022, writes Graham Hunter, pictured, VP of Skills Certifications at the IT trade association CompTIA.
Hiring is always changing, and the tech needs or organisations are evolving at lightning speeds. One problem, though, is that there’s currently a big gap between the number of open job roles and the number of people qualified and applying to fill them. The industry that is perhaps suffering the most from these rapid changes to hiring needs is cyber security. In the UK alone, the cybersecurity industry requires 17,500 new workers a year in order to keep up with today’s demands. However, it has only managed to attract around 7,500 a year.
If this is the situation we find ourselves in, can hiring managers for cyber roles afford to be picky when it comes to candidates by sticking to the university degree requirements that have long served as a barrier to entry? Can employers afford to have their job descriptions act as moving targets of skills, ability, and knowledge, or adhere to a reactive hiring strategy?
As we enter 2022, we’re going to witness a big shift in how employers in all sectors consider and approach hiring for tech roles. Employers will be moving away from a reactive strategy for hiring to a proactive one, in favour of pathways that value the needs of both employers and workers. With current cybersecurity challenges as they are, employers must start considering not just their needs, but also the needs of the sector and workers’ and communities’ needs.
1)Adopting a Training and Certification Mindset
To successfully make this shift, organisations will need to take a two-pronged approach. The first of those two prongs is adopting a mindset that focuses on training, learning and certifications. For instance, the CompTIA Workforce and Learning Trends Report 2021 calls out the ‘operationalisation of a learning culture’ as one of the five biggest tech trends of the past year, and as one that will persist into the future.
The tools and talent for better tech and cybersecurity already exist within your organisation; this is something you can discover when you shift away from hiring people to meet immediate needs and instead invest in certifying the employees you already have. Cybersecurity is a part of every IT professional’s job now. Within the ‘always training’ paradigm, though, there’s no need to resort to panic-recruiting in the face of new threats, institutional restructuring, or data breaches.
Reskilling and upskilling your key assets – your people – using tried and tested certifications and knowledge delivered by a trusted training partner makes keeping your organisation up to date with the latest threats much easier. What’s more, big budgets aren’t required; this strategy can work even for employers who lack massive budgets and resources. A concerted effort by bodies like the UK Cyber Security Council means that formal accreditation and skills mapping for cyber roles can and will help ensure that both cyber professionals and non-cyber professionals can access the most relevant knowledge to keep their organisations safe.
Adopting this strategy also has the benefit that it means your people can see that you’ve made an investment in them and in their certification; this will boost retention and your organisational morale. What’s more, your teams will be stronger; once they’ve trained together and worked together on real projects, and trust that the leadership at the helm understands their value, they will gel and work together even better than before. As well as this, rather than reactively responding to every IT hiccup and then having to play catch-up on their other work, tech workers who train regularly can focus on learning new things, trying new things, and keeping tech spaces secure.
2)Improving On-Ramps
Training and reskilling cannot be your only priority, though. Just as important as training, retaining, and incentivising existing workers, is how you approach bringing new talent into the fold.
Smart, strategic on-ramps into tech like apprenticeships are among the best investments an employer can make in 2022. Apprenticeships breathe new life into workplaces by empowering managers to hire from pools of people who aren’t the “typical” tech candidates, such as people who don’t hold traditional degrees. This approach can be crucial for changing the dynamic of what remains a very homogenous tech sector; according to a 2021 report, women, ethnic minority, and non-degree holding candidates are underrepresented in all levels of cyber roles.
Ensuring that your organisation is populated with people from different backgrounds is important for growth. With newfound diversity of backgrounds comes diversity of ideas and perspectives; something very much needed in our current tech landscape. Pathways like apprenticeship promote retention: workers who know that an investment has been made in their success are more likely to feel valued and take their roles seriously. Even further, in the earn while you learn model of apprenticeship, workers can benefit from a mix of theoretical learning, and on-the-job, real-world scenarios. Active learning has long been shown to be a key driver of retention of information, and people who learn by doing in tech roles are able to thrive in this way.
Embracing the Shift
Change must be embraced. Within the new framework, organisations can shift out of perpetual tech triage mode and into an era of growth, security, and ideation. In the longer term, this shift may prove to be the business world’s silver lining. It will also create opportunities for those people who have for been barred from entering our sector for far too long. When employers make the move towards being investors and developers of talent, they can meet both their short and the long-term skills needs. At the same time, they can while help solve a social impact need and alleviate a massive workforce challenge. In 2022, we’ll likely see many more employers make this change; one that our collective cybersecurity and national tech presence will be much better off for.
