I recently read this article written by SC Magazine: Technology, Process and People can close the cyber talent gap.
Here is a summary of the article:
The cybersecurity industry has been talking about the talent gap for decades, and globally, it has gotten worse.
The solution lies with a combination of:
* AI and Automation -> focused on mundane tasks (prioritizing security alerts, reduce FP, and containing/remediating threats), but not so great when it comes to teaching end user best practices, and hunting bad actors/insider threats.
* Diverse Hiring Practices -> diversity improves the overall outcomes of the team, companies can also foster inclusivity internally (invest in your employees),
* Giving back to the Security community
Some issues that I have seen are people wanting the best of the best, for as cheap as possible.
I know that companies need to change their expectations and requirements for the roles they are posting (ex: entry level, but require 4 years and CISSP – that’s just a tad ridiculous).
So what else can we do to close this gap? What are we missing?