What Works in Finding Elite Cybersecurity Talent: Promising Practices for Chief Information Officers

Including: Using Certifications to Rank Cybersecurity Job Candidates

Get the full report

No registration required

The 2021 CIO Institute report on What Works in Finding Elite Cybersecurity Talent shows how CIOs are successfully addressing the current shortage of highly skilled cybersecurity professionals.

Finding and retaining elite cybersecurity professionals with the deep technical expertise to protect their enterprises from new and increasing ransomware and espionage threats continues to be among the most pressing challenges facing Chief Information Officers. These rare professionals are those with the skills to reduce attacker dwell time to avoid damage, perform world-class security assessments, engineer defensible security even in the cloud, conduct advanced forensics under pressure during attacks, identify and correct flaws in software-enhanced products and enterprise applications, and engineer cyber hygiene automation that ensures systems and applications remain at a high level of readiness. Importantly, although these professionals are needed across the public and private sector, they are also needed by military and intelligence organizations to defend critical infrastructure and military weapons systems and to project power in cyberspace.

The extremely high demand for elite cybersecurity performers, and the challenge that higher education institutions face in educating sufficient numbers of them, has been documented repeatedly. This “What Works” report shares lessons learned by CIOs who have implemented three promising approaches to building sustainable pipelines to provide this elite talent:

  1. Identify existing employees with high aptitude for elite performance, including non-IT employees, and develop them into productive cybersecurity professionals
  2. Recruit from colleges that are graduating cyber talent with strong hands-on cyber skills
  3. Build the pipeline of the future through local talent discovery initiatives and partnerships with colleges

Finally, because certifications are used widely to select which cybersecurity job candidates to interview, this What Works report also includes results of the first large-scale survey of the comparative value of cybersecurity certifications in choosing whom to interview.

To read the full report, click here.