woman in blue jacket looking at tablet

Cyber work readiness diagnostic

Back to Cyber Risk Overview
Cyber Risk Services

Assess: Cyber work readiness diagnostic

What the future of work means for cybersecurity

Work today is completed using a plurality of means – traditional employees, contractors, freelancers, volunteers. And the workforce is more agile than ever — accustomed to working anywhere at any time, enabled by digital means and technology. But as the global work environment continues to evolve, so too do cyber risks. Therefore, organizations need forward-thinking talent management strategies that address this new reality, particularly in IT departments and cyber defense centers.

Willis Towers Watson’s cyber claims data shows that more than half of cyber incidents are due to negligent or accidental employee behavior. This data highlights the need for organizations to win the “war” to recruit, retain and train key cybersecurity talent – a major challenge for organizations today. Truly effective cybersecurity requires constant organizational readiness that only adaptable and skilled information security professionals can provide. Talent shortages and growing gaps in critical skills make attaining this state a significant hurdle for many organizations.

Willis Towers Watson’s Cyber Work Readiness Diagnostic (CWRD) – an on-site, all cyber function analysis – helps organizations develop strategies that define the nature and scope of their cybersecurity work; identify personnel and skills gaps that present current and anticipated risk; establish a workforce plan to attract and keep the qualified employees they need; and make plans for a contingent workforce, where needed.

Are you Cyber Work Ready?

With over 80% of cyber functions anticipating headcount growth and changes to their cyber and IT organization structures, boards, management, CISOs and CHROs are requiring work strategies to define the changing scope and impact of cyber work, and identify the emerging skills and talent gaps. The cyber work readiness diagnostic enables organizations to address these issues.

The Cyber Work Readiness Diagnostic helps clients:

  • Identify the kinds of activity that the client’s cybersecurity work involves
  • Prioritize skills and personnel gaps in order to address the client’s most significant workforce vulnerabilities
  • Develop action plans and roadmap recommendations to, among other actions, align the right cybersecurity personnel to areas of greatest cyber risk
  • Generate a powerful business case for cybersecurity budgets and related resource allocations

Case study

Developing a cybersecurity work strategy for a Technology, Media and Telecommunications (TMT) company

The Challenge:

A TMT company wanted to ensure that it had the talent base and organizational structure necessary to address the evolving cyber threat landscape. Willis Towers Watson was hired to evaluate the organization’s capabilities, skills and readiness to address cybersecurity and to develop a workforce strategy to enhance oversight and responsiveness to information and cybersecurity.

Business objectives

  • Evaluate the organization’s ability to confront cybersecurity risks from a critical skills, workforce and organization structure perspective.
  • Define a work model for the requirements of work in cybersecurity to be leveraged across roles in the unit, and in other areas, such as, technology.
  • Identify career opportunities in the information security talent space.
  • Build an organization design that mitigates cybersecurity risks while remaining cost efficient.

The Solution: Willis Towers Watson’s Cyber Work Readiness Diagnostic

  • Applied Willis Towers Watson’s Information Security Work Architecture to reach consensus on the nature of work in cybersecurity for a common definition across multiple cyber teams.
  • Completed workforce plans for each cybersecurity unit to identify role and talent gaps compared to benchmark and current workforce.
  • Identified alternative means for the work and organization structure to address skills and talent gaps.

Business outcomes: financial, organizational, people and capabilities

  • Addressed unplanned talent acquisition and default talent strategies that had the unit doubling in size, thus, creating significant savings for the company.
  • Identified critical talent gaps, resulting in the reduction of invalid roles for the unit while recognizing >80% skills fit for talent in place.
  • Defined a work and career model recognizing the unique career paths in the information security field.

Deployment Options

Cyber Work Readiness Diagnostic is a consultative engagement that can be delivered on-site in one of three ways:

  • Option 1: Three 2 – 3 hour meetings with key information security team leaders and other stakeholders
  • Option 2: A single intensive workshop with the identified leaders and stakeholders
  • Option 3: Customizable workshop based on an organization’s needs or area(s) of focus

Why Willis Towers Watson

More than half of all cyber incidents begin with employees, so it’s a people problem. And the average breach costs $4 million, so it’s a capital problem, too. No one decodes this complexity better than Willis Towers Watson. As a global leader in human capital solutions, risk advisory and broking, we are well prepared to assess your cyber vulnerabilities, protect you through best-in-class solutions and radically improve your ability to successfully recover from future attacks. Explore comprehensive cybersecurity solutions at willistowerswatson.com/cyber.