In this subsection from our full Cyber Insurance research paper, Jenna discusses the most important factors in retaining incident response professionals and shares insights on the evolution of the industry in recent years.
Skip ahead to:
- Retaining incident response professionals
- The evolution of incident response
- Creative recruitment strategies
What are the most important factors in retaining incident response professionals, and why do businesses typically lose high performers?
Some of the most critical factors in retaining incident response professionals are transparency and the opportunity to make a difference in our industry. Incident response professionals have options even in a labor market where layoffs occur. Those impacted still have multiple offers to consider as their next employment opportunity.
The talent in our industry wants to work for an organization where leadership is transparent about the vision, mission, and outlook of their business and how the individuals can contribute as a team to protect the victims of a cyberattack in a meaningful way. Benefits and PTO are also important, but what weighs more heavily on an incident response professional is leadership’s proactive ability to spot burnout, encourage the team to maintain a healthy work-life balance, and emphasize the importance of their overall health and well-being, including mental health.
How has the role of the incident response function evolved over the last 2-3 years, and has that changed your requirements for talent?
The role of the incident response function has transformed with the evolving trends we have seen. In 2020, while Covid was thought to impact our industry negatively, it actually increased cases due to higher volumes of remote workers across the globe. In 2022, the tensions in Ukraine and Russia strained our workforce because they were not accustomed to lower case volume. Now, while volume has increased in 2023, there are again newer threats with the advancements of AI and the introduction of Chat GPT. Incident response professionals have always had to continually advance their knowledge of emerging trends and threats, and now even more so with the unknown of artificial intelligence and machine learning. The professionals in our industry are not ones to stay stagnant in their knowledge expansion and are constantly striving to stay ahead of new and potential attack vectors.
Over the past 2-3 years, we have also seen an increase in sophisticated attacks by younger threat actors; the Uber breach, for example, was conducted by a 19-year-old implementing MFA fatigue methods. A growing number of individuals are embracing cybersecurity at a younger age, and this trend has undoubtedly demonstrated within our industry that while degrees offer certain advantages, they may not be an obligatory prerequisite for professional opportunities. Instead, what truly matters is the candidate’s experience and potential to make a significant impact within an organization.
What suggestions would you have for other organizations to get more creative around securing incident response talent?
I suggest that organizations remain active in their conversations with incident response talent. Even if your organization is going through layoffs, downsizing, or pausing on hiring, these patterns are cyclical. It is the long-term relationship, outreach, and goodwill that is reinvested into incident response talent during these times will be remembered. The organizations that cared about providing introductions, expanding someone’s professional social network, and selflessly gave advice during these times are the organizations the talent will reach out to first when an opportunity arises on their team. Demonstrating true human empathy and knowing that talent overall (not just in our industry) are people with a genuine interest in contributing and earning a living for their families are what is core to understanding attracting talented folks into any organization.
Another aspect is investing in talent at very early stages in their career. Most organizations have put together associate, apprenticeship, and internship programs. Most of these early development programs require some level of professional experience. Investing earlier, while in high school with zero experience, will help spark an interest in early talent development and provide them with the hands-on experience they need to have a successful cybersecurity career. This approach will also tremendously impact reaching underrepresented people, which will have a meaningful and organic impact on the diversity of talent that organizations attract in the future. We can truly change how our team looks and thinks by incorporating these beautiful differences and advancing how we approach our industry’s future.
More on cyber security
- Read the full Cyber Insurance: Talent Trends Review 2023 report here
- Get the latest talent and technology trends impacting security in 2023 from Cyber Security in Focus 2023.
- Want to discuss the specific hiring challenges associated with building effective, successful security teams? Find out more about our cyber security recruitment team.