Site navigation

Are Companies Botching Cybersecurity Recruitment?

Graham Turner


Cybersecurity Recruitment
Poor recruitment and training practices are sabotaging cybersecurity efforts.

The 2021 edition of the Life and Times of Cybersecurity Professionals report, released today, has served as a damning indictment of cybersecurity landscape.

Of the 489 cybersecurity professionals surveyed, 44% of cybersecurity professionals say that the skill shortage in this sector had worsened, while half said it was around the same over the past few years.

This shortage of key skill has had a negative knock on effect with professionals already working in the industry. One third have cited overwhelming workloads as the third most stressful issue in their day-to-day work life.

Following on from this, Six in 10 reported an increasing workload on existing staff, with roughly the same number highlighting an effect on work/life balance, and just over a third reporting an unhealthy level of job-related stress.

There was more bad news in the report as it’s survey finds that the top two stress factors for cybersecurity professionals were handling with IT projects created with no security oversight and dealing with disinterested business managers.


When asking cybersecurity professionals what the best way forward is, most are in a agreement that seeking new talent is not necessarily the answer.

Instead, comprehensive, frequent training to update skills and knowledge on security protocols for current staff were what 91% of professionals felt should be made a priority.

Recruitment teams have emerged as one of the most apparent weak links in the chain. There is no shortage of job offers, with recruiters soliciting 70% of respondents at least once per month.

However, those recruiters often don’t understand the sector, and the job offerings are poor resulting in staff that are ill-equipped for the rigours of the job.

Finally, a lack of competitive compensation was a common complaint, which is a problem given it is the second-highest indicator of job satisfaction.

Unrealistic job postings, such as demanding too much experience and too many certifications, were another common problem. This means new security postings often remain unfilled for weeks or months.

Graham Turner

Sub Editor

Latest News

Artificial Intelligence Editor's Picks Machine Learning MedTech
Cybersecurity Editor's Picks
%d bloggers like this: