Jeff Stone of CyberScoop argues that the dire prediction of a shortfall of millions of cybersecurity workers, including 500,000 in North America, is largely a self-inflicted injury. The lack of qualified job candidates isn’t just a supply-and-demand issue, but also a deeper failure of bias, expectation, compensation, and commitment to effective recruiting and retention, analysts argue.
Common problems he cites are offering entry-level salaries for jobs requiring advanced degrees of years of experience; not giving CISOs the resources to do their jobs properly; not having enough positions in security, such that the best candidates see no career growth opportunity; hiring remote workers at lower salaries, who are less likely to stay; and overlooking neuroatypical candidates who may be well suited to the work.
