Practical Recommendations for Organizations to Effectively Manage and Expand Information Security Talent Pipelines

March 17, 20168:33 am1901 views

The widening information security talent gap continues to fuel the greatest challenge of our time: The continuous threat of data breaches on both businesses and individuals. As technology evolves and more data is created, pressure is put on organizations to respond to the challenge quickly.

IT leaders rank cyber security among their top concerns, yet the scarcity of IT talent and lack of development opportunities for new entrants leaves organizations struggling to meet the challenge. This is according to a new global survey of senior IT managers by Experis, the professional resourcing and project-based solutions arm of ManpowerGroup.

These findings are detailed in a report titled, ‘Protecting Your Organization in a Talent-Scarce Market.’ Cyber security is the most frequently cited in-demand skill set globally (32%), nearly twice as much as the next mentioned skill set, software development (18%).

This perceived talent shortage aligns with market data which suggest the gap between supply and demand for cyber security professionals globally will be nearly 1.5 million workers by 2019.1

“The information security threat is one of the biggest risks organizations face today, but as the demand for skilled professional skyrockets, there simply aren’t enough of them to go around,” said Ram Chandrashekhar, Global Head of ManpowerGroup’s Experis business.

“Employers need to anticipate their growing talent needs, implement development plans for current employees and create a robust talent strategy for the future.”

See: How to Build a Strong Talent Pipeline within Organisations?Information Security Talent Pool

Protecting Your Organization in a Talent-Scarce Market offers recommendations for employers on how to manage their IT talent pools and deal with the widening security talent shortage:

  • Make information security talent management a priority. Ensure that the C-suite and boardroom are educated and engaged in an ongoing dialogue with IT leaders to create a flexible plan that can adapt to emerging security risks.
  • Evaluate staff. Institute an annual skills inventory process to identify and track critical security skills employed or anticipated by your organization to aid in career development, resource retention and staff acquisition planning.
  • Grow from within. Develop in-house talent by providing hands-on, cross-functional opportunities in real-world situations.
  • Carefully evaluate new talent before hiring. Incorporate a screening process by experienced security staff to help vet resumes and better understand the functional areas and skills needed.
  • Manage the talent supply chain. Match your resourcing strategy to your specific need and consider alternative options like contract expertise or thought leadership, project-based consulting and deliverables-based temporary staffing initiatives.

“Information security is a fast-changing field and companies having to explore new talent models to keep up,” said Ganesh Ramakrishnan, Global Chief Technology Officer, ManpowerGroup.

“Clearly organizations need to do a better job developing talent internally, but given their fast-evolving IT needs many are also turning to outside vendors for help.”

The research examines the question of workforce composition and finds that two-thirds of organizations still rely on a single resourcing strategy — 52% only use permanent employees, while 15% only use contractors.

The study concludes that the best results tend to come from hybrid models, used by 33% of employers that combine in-house teams with third-party expertise.

Image credit: and

Also read: Collaboration to Create Talent Pool of Cyber Security Professionals in India

(Visited 1 times, 1 visits today)