The cybersecurity landscape is experiencing a dynamic shift. The 2023 (ISC)² Cybersecurity Workforce Study reveals a paradox in the industry: while the cybersecurity workforce has grown by 8.7%, the gap between the available workforce and the number needed to secure our digital world has widened by 12.6%, resulting in a nearly 4 million person shortfall globally. This situation is further complicated as 47% of cybersecurity professionals report cutbacks in their teams, yet 67% acknowledge a shortage of staff and 92% experience skill gaps.

This incongruity presents a significant challenge for managers tasked with rounding out their cybersecurity teams. It’s becoming imperative for organizations to not only hire the right people but also retain them effectively. Hiring for soft skills and training the technical skills is a strategic shift that addresses the dynamic needs of modern workplaces, especially in a field as fast-paced as cybersecurity.

The Rising Importance of Soft Skills

In the face of these challenges, the value of soft skills is becoming increasingly recognized. According to a 2019 Global Talent Trends report from LinkedIn, 89% of recruiters indicated that the failure of a new hire is often due to a lack of soft skills. This realization is pivotal: technical skills, while essential, can be taught, but innate abilities like navigating complex interpersonal situations, adapting to change, and thinking critically under pressure are far more challenging to develop.

Soft skills such as effective communication, empathy, teamwork, adaptability, and problem-solving are the bedrock of successful teams and leaders. These skills enable individuals to collaborate effectively, lead with confidence, and adapt to ever-changing industry landscapes.

The Case for Hiring Based on Soft Skills

Cybersecurity, a field known for its fast-paced and ever-evolving nature, particularly benefits from this approach. Often, new entrants to the field may possess some cyber education or certification but lack practical, hands-on experience. Hiring for soft skills opens doors to a broader talent pool, including young graduates, those making mid-career transitions, or people coming from diverse backgrounds who might not have specific technical skills but bring valuable life experiences and transferable skills.

Advantages of This Approach               

• Enhanced Team Dynamics: Individuals with strong soft skills contribute positively to work environments, fostering collaboration and improving team morale.
• Increased Adaptability: Employees with well-developed soft skills are better equipped to navigate changes, making organizations more agile and resilient.
• Long-Term Growth: Investing in technical training builds specific skills for roles and demonstrates a commitment to professional development, leading to higher engagement and retention rates.

In some cases, particularly in highly specialized technical roles, prioritizing technical skills is necessary. However, for roles involving significant interaction, teamwork, or leadership potential, prioritizing soft skills is often brings a bigger return on investment in the long term.

The Balancing Act in Hiring

Even experienced workers can take months to fully adapt to a new role. The absence of soft skills can prolong this adjustment period. Issues like communication challenges, collaboration difficulties, problem-solving delays, and adaptability concerns can hinder progress and affect team dynamics.

Finding the ideal candidate with the perfect mix of technical skills and exceptional soft skills is like searching for a needle in a haystack. Most job postings and hiring processes focus on technical skills, often overlooking the importance of soft skills. Yet, the presence of strong soft skills like adaptability, effective communication, and leadership potential can be game-changers, especially if the organization is willing to invest in developing the technical skills of its employees.

What can you do to support this shift?

Tailor job descriptions to the right talent. The way job descriptions are crafted can significantly influence the applicant pool. Emphasizing soft skills and the availability of technical training can attract candidates who can grow into their roles and bring diverse experiences and perspectives to the team. Job descriptions should clearly highlight the valued soft skills for the position, using inclusive language to encourage a diverse range of candidates. Describing the company culture and how these soft skills contribute to organizational success can help potential applicants see the company’s value in these traits.

Implement a holistic hiring process. A holistic hiring process that goes beyond resumes to assess candidates’ potential, personality, and alignment with company values is essential. Behavioral interviews, practical assessments, and group interviews can provide insights into a candidate’s soft skills and problem-solving approach.

Promote training and development. It’s crucial to provide training programs, mentorship opportunities, and career progression pathways. Transparency about support for professional growth can make positions more attractive to candidates eager to learn and develop their skills.

But wait, we just covered the fact that many cybersecurity teams are running with minimal staff so how will they have the time to provide the mentoring and training required?

Partnering with an organization that provides specialized training can offer significant benefits, especially for cybersecurity teams running short-staffed. This approach can help mitigate the challenges of developing technical skills in-house, while still ensuring that team members receive the high-quality training necessary to excel in their roles.

Benefits of Partnering with External Training Providers

• Access to Expertise: Training organizations often have experts who are current with the latest trends, tools, and threats in cybersecurity. This ensures that the training is relevant, practical, and up-to-date.
• Resource Efficiency: In-house training programs require significant resources to develop and maintain. Outsourcing training allows your team to focus on their core responsibilities without the added burden of creating and updating training material.
• Scalability and Flexibility: External training programs can be scaled to fit the size and needs of your team. They often offer a range of learning formats, from online courses to in-person workshops, providing flexibility to accommodate different learning styles and schedules.
• Customization: Some training providers offer customized training solutions tailored to the specific needs of your organization. This ensures that your team is learning skills that are directly applicable to their daily responsibilities.
• Employee Motivation and Retention: Providing access to external training demonstrates a commitment to employee development. This can be a strong motivator and can help in retaining top talent. Increased retention means an increased return on investment.
  
  

Considerations When Partnering with a Training Provider

• Alignment with Organizational Needs: Ensure that the training provider’s offerings align with your specific cybersecurity needs and the skill gaps of your team.
• Quality and Reputation: Assess the quality and reputation of the training provider. Look for providers with a proven track record and positive testimonials from similar organizations.
• Cost-Effectiveness: Evaluate the cost-benefit ratio. While investing in training is important, it’s crucial to ensure that the training provides value and fits within your budget.
• Continuous Learning: Choose a provider that emphasizes continuous learning, as the field of cybersecurity is constantly evolving.
  
  

Partnering with an external training organization can be a highly effective strategy for cybersecurity teams, particularly those struggling with staffing shortages. It provides access to high-quality training and expertise without the overhead of developing in-house training programs. This collaboration not only enhances the technical capabilities of the team but also supports professional development and job satisfaction, ultimately contributing to the overall strength and resilience of the cybersecurity function within an organization.

The strategy of hiring for soft skills and training for technical competencies represents a powerful approach in today’s challenging job market. It addresses immediate technical needs and builds a resilient, adaptable, and innovative workforce capable of navigating the complexities.