Intelligent CIO Middle East Issue 32 | Page 97

//////////////////////////////////////////////////////////////////// t cht lk alternatives to these highly-sought after workers becomes ever more pronounced. To do this, recruiters need to thoroughly understand the job role and develop comprehensive, succinct position descriptions when scouting for fresh talent. An important aspect of this is deciding between what an individual can be trained to know, versus knowledge they must possess as basic competencies, and therefore open opportunities for candidates who may not be highly skilled or technical. John McCumber, Director of Cybersecurity Advocacy, (ISC) 2 organisations must break down barriers and diversify their recruitment efforts beyond well-versed, experienced candidates and recognise the value in training non-technical employees, students and fresh graduates. In the UAE, young adults represent a substantial talent pool from which to choose. According to a survey commissioned by Raytheon, Forcepoint and the US National Cyber Security Alliance (NCSA), youth in the UAE are considerably more likely to choose a career in cybersecurity than their peers elsewhere in the world. The survey also discovered that the country has been successful in engaging most youth to try activities that would let them test their interest and aptitude for cybersecurity careers, which is an encouraging indication for the industry in this region. Looking beyond specialised security talent As per the results of our 2017 Global Information Security Workforce Study, nearly two-thirds of respondents (63%) said their organisations have too few cybersecurity workers. This means that businesses will be woefully understaffed in the years to come, unless hiring managers change the trend of buying experience. It is necessary for recruiters to challenge the myth that the best security professionals are those who have specialised backgrounds and training. With job mobility being as high as it is for experienced security staff – nearly 46% of professionals are contacted at least once weekly by recruiters and one in five (21%) are contacted every day – the need to find “ RECRUITERS NEED TO THOROUGHLY UNDERSTAND THE JOB ROLE AND DEVELOP COMPREHENSIVE, SUCCINCT POSITION DESCRIPTIONS WHEN SCOUTING FOR FRESH TALENT. This approach can translate into long-term benefits for the business. Not only does it offer career advancement opportunities for employees, but also translates into significant savings for the management, as giving employees a skills upgrade can often prove to be more cost-effective than recruiting seasoned professionals. The industry moving forward To ensure preparedness for a future in which cyberthreats become ever more common, companies must develop a solid understanding of the investment required to ensure resilience. Gartner predicts worldwide enterprise security spending will total US$96.3 billion (roughly AED353 billion) in 2018, an increase of 8% from last year. New regulations (such as the EU’s General Data Protection Regulation, GDPR), shifting buyer mindset, awareness of emerging threats and increasing digitisation are some of the factors that are driving this increase in investment. Developing robust security capabilities are necessary as we move further into the golden age of threat. Even though the dynamics of vulnerabilities and threats have evolved rapidly, the basic elements of risk management have not changed and businesses must recognise that people are the critical component to keep us ahead of the curve. As we move into a complex and unrelenting cyberthreat landscape, it is essential to understand exactly what these threats are, recognise vulnerabilities, develop an understanding of what assets and missions are critical to the organisation and equip security teams with the skills necessary to meet these challenges. n INTELLIGENTCIO 97