By now, it’s no secret that cyber attacks pose catastrophic risks to businesses large and small. The rise of remote working, the digitalisation of businesses, the expanse of IoT devices, the availability of hacking tools…these have all thrust cyber security under the noses of even the most reluctant executives.
But just how big is the risk in 2022?
According to PwC’s Managing business risks survey, the answer is ‘very’.
40% of respondents (722 US executives) rated ‘more frequent and/or broader cyber attacks’ as a serious risk. This topped the list of concerns for business leaders. Following closely behind was ‘talent acquisition and retention’, with 38% rating this as a serious risk.
As a Specialist Cyber Security Recruitment Consultancy, Focus on Security’s expertise lie in all things cyber security and recruitment, so we thought we’d weigh in on the matter.
Cyber security issues rated the #1 risk to businesses
Business leaders believe cyber threats are a bigger risk to their organisation than any other. Historically, cyber security has been largely left as an IT issue – ‘for the attention of the CISO’. Gartner suggests the role of the CISO needs to change, because accountability for cyber risks has shifted outside IT. We’re starting to see that change. In the PwC survey, 51% of board members rated cyber attacks as a serious risk (and 35% as moderate), and this is the highest percentage compared to any other category of business leader.
Clearly, the cyber security landscape is changing. PwC suggest that building cyber security strategy into every initiative and implementation will be a good step for your organisation, viewing it as a broad business issue, not just an IT issue. Another recommendation would be to invest in training all staff, taking a holistic approach, instead of the traditional compliance-centric training. You’ll also need to monitor your level of risk closely.
The question is, do you have the staff to manage this?
Staff recruitment and retention
This is the second biggest risk to businesses, according to survey respondents. Interestingly, companies are focused on growth, but are streamlining their work forces. Despite 50% of business leaders cutting down their headcount, finding and retaining staff is still a major concern.
It’s about being able to find the right talent, and the right mix of skills – quality over quantity. This is particularly difficult when the talent market is candidate-short, as it is currently. With the ever-increasing use of technology in business, and the automation of processes, it’s important not to skimp on talent in this area, particularly in relation to cyber security professionals.
So, what are business leaders doing to tackle the staffing challenges? Remote work opportunities have expanded, attracting new talent looking for a more flexible work life. HR strategies are also being examined, and leaders are considering acquisitions to gain access to talent.
PwC recommend further analysing your workforce to understand the skills and capabilities you need now, and will need in the future. They also recommend investing in driving the right culture, and focusing on employee engagement. This is particularly pertinent with cyber security professionals; ThreatConnect found that 32% report being very stressed about their current job, and 55% say their stress levels have increased in the past 6 months. Cyber security professionals are burning out, and it’s causing high staff turnover in the industry. Retaining the talent you need is far more time and cost effective than hiring new staff. Addressing the reasons why your cyber security staff are burning out and/or leaving will kill two birds with one stone; ensuring you are tackling the risks to your businesses posed by both cyber threats and staffing concerns.
How can we help?
Finding the right cyber security talent, and keeping hold of them, is no easy task. You need to first understand where the skills and capabilities you need are lacking, and enter your recruitment process with this in mind. Many businesses are not in a position to pursue acquisitions to gain access to talent, but there are other options.
Focus on Security are the experts in cyber security staffing. Our Recruitment Specialists focus solely on the world of cyber security talent, and have extensive networks of top-rated professionals. We focus on the entire recruitment process, starting with identifying the talent you need, taking into account your business processes and goals. Once we’ve pinpointed what you’re looking for, we can call upon our resources to find the right fit. We consult with you throughout the hiring process, and advise on how to retain talent after.
Get in touch today to see how we can help your organisation.
