Today’s job market looks pretty good from the perspective of a qualified cyber professional. According to Cyberseek, there are over 300,000 cybersecurity job openings in the United States right now, and the Center for Cyber Safety and Education predicts that by 2022 there will be a global cyber-talent shortage of 1.8 million and growing.
With so many openings, cyber professionals can be particularly choosy, holding out for positions and workplaces that meet their personal and professional needs. Organizations cannot rely on salary alone to attract top tier cyber talent. This is especially true in government, where arcane pay rules developed in the 1940s and inflexible policy guidelines often hamper the ability of agencies to make competitive salary offers.
Working with the federal government and global organizations across multiple industry sectors, we’ve found that work environment can play a powerful role in attracting and engaging the elite teams that true enterprise security demands.
The nature of cyber work often means that it must be executed in an environment that’s faster-paced, more dynamic and quicker to adapt than that of its parent organization. In our experience, successful cyber practices generally share five key traits, which, you may be relieved to know, do not necessarily include expensive salaries, office ping-pong tables, on-site beer fridges or dress codes involving flip-flops and jeans.
Successful cyber practices have work environments that are:
Agile: Cyber work requires mental and managerial agility. Cyber employees need to be able to shift their work and priorities quickly and decisively as threat tactics evolve, new circumstances become known and attack surfaces change.
Multi-functional: Cyber is a team sport. A strong cyber practice is built of teams with diverse knowledge sets and mindsets who can quickly work to tackle emerging issues — and execute a variety of activities at once. Your employees do not have to be good multi-taskers, but your overall cyber capability does.
Dynamic: Cyber professionals embrace learning. With threat actors across the globe developing array after array of new threats, your cybersecurity work practice must continuously adapt as it stays informed. By focusing on reskilling of your workforce, your cyber capability will be ready to solve new problems.
Flexible: Cyber threats move fast, and cyber employees crave new challenges. To meet these needs, your practice must be enabled to conform to new areas of focus. Your cyber organization needs to be infused with a talent management strategy that anticipates needs and allows employees to change their roles to increase your capability’s flexibility.
Informal: Cyber professionals will tend to thrive in a nontraditional environment. Cyber candidates and team members will likely look for highly flexible working hours, the ability to decompress after intensive sprints, and the ability to work in a manner suited to the nature of the work, not the nature of the parent organization.
Creating these conditions for your cybersecurity professionals will allow your cyber organization to adjust quickly to tackle any challenge. In practice, your cybersecurity division might need to have different work locations, matrixed reporting lines, round-the-clock shifts and a more relaxed dress code than other segments of your workforce.
The budget process for your cyber organization might be centered around technological investments or on a different, more adaptive timeline to meet shifting threats. Most importantly, given the work requirements, a cyber practice must have leaders who not only share a competitive nature and passion for technology, but also have a proven track record of thriving in dynamic, multi-functional settings.
Abby Cashman is a principal at Booz Allen Hamilton and is one of the firm’s leaders in human capital and organizational improvement. She manages the delivery of human capital efforts across Booz Allen’s Civilian Services Group.
Erin Weiss Kaya is one of Booz Allen’s leading Cybersecurity Human Capital Experts, with an expertise in developing high performing cyber talent. She has served as a consultant and subject matter expert to executive teams in the federal government, the private sector, state government agencies and nonprofits.
Joseph Thompson is a senior human capital strategist with Booz Allen Hamilton. He is also one of the firm’s leading cybersecurity human capital experts, with a particular focus on helping clients develop and execute effective strategies that will help them “win the war” for cyber talent.