woman in blue jacket looking at tablet

Cyber work readiness diagnostic

Addressing future of work for cybersecurity

Work today is completed through a plurality of means — traditional employees, contractors, freelancers, volunteers. And the workforce is more agile than ever — accustomed to working anywhere at any time, enabled by digital means and technology. And as the global work environment continues to evolve on both a macro and micro scale, organizations need forward thinking talent management strategies that take into consideration this new reality, particularly in the IT departments and cyber defense centers.

As evidenced by cyber claims reported to insurers on behalf of our clients, half of cyber incidents are created internally by employees — often unintentionally. These cyber vulnerabilities demonstrate the need to recruit, lead and engage a more cyber-savvy workforce. All organizations, no matter the industry and size, should recognize cybersecurity as a core business component. The stakes of failing to address cyber risks are high and include financial, technological and reputational risks. Further, considering the increasing, ever-evolving use of technology in work, coupled with a lack of training and talent shortage for work with technology, there is a risk of employees and workers in companies not having the necessary “cyber IQ” to safeguard information and handle data appropriately.

Are you cyber work ready?

To create a cyber-savvy organization, a learning culture that emphasizes applying acquired skills to business challenges is needed. For breached companies, this inability to create an ongoing learning environment may reflect a lack of emphasis on staying current with emerging business needs and trends, potentially including knowledge of how to circumvent attempts to acquire confidential and sensitive data by determined hackers. When we look at the gaps more closely in breached organizations, IT workers converge on a common theme related to training: inadequate onboarding. For IT staff, onboarding must cover the processes and procedures to manage cyber risk given the business environment.

With over 80% of cyber functions anticipating headcount growth and changes to their cyber and IT organization structures, boards, management, CISOs and CHROs are requiring work strategies to define the changing scope and impact of cyber work and identify the emerging skills and talent gaps. Learning and improved collaboration across cyber defense and IT teams is an important step toward cyber work readiness. Another key is recognizing where talent gaps exist due to skill deficits in the market and the extended time to onboard and reach productivity in a role.

Consider key areas of work that are increasingly important and in high demand with limited talent supply: architecture and engineering (the design of how technology systems and platforms relate), business acumen (effectively partnering with the business for product/service and cybersecurity integrity), threat intelligence research (data insights and hypothesis testing). CISOs and business leaders underscore that they need new talent in these areas and the time to hire and onboard the talent has been getting longer and longer — in some cases it can take 12-18 months by the time “productive talent” is fulfilling a role.

Cyber work readiness diagnostic