Additionally, Security Boulevard reports that by 2025, the global costs of cybercrimes are estimated to hit $10 trillion, and Accenture states there has been a 435% increase in ransomware since 2020. Clearly, we can no longer afford talent gaps and unfilled positions.
At the same time, it’s not just about bringing more people into the industry. A big part of the issue is how we solve the problems of corporations and governments that already have their existing employees and cybersecurity skills.
People working for different enterprises or government agencies require some level of cybersecurity training and skills – whether it is a companywide approach to security awareness, developers that need application security training, or IP and security people that require ongoing training.
In other words, someone filling a cybersecurity role doesn’t necessarily qualify them to prevent and counteract the ever-evolving cybersecurity threats effectively.
What can a leader like you, who is responsible for preventing cybersecurity threats, do about this?
You create the vision for your cybersecurity action plan, from the software you use to the talent that keeps your organization safe. This includes repurposing, upskilling and reskilling employees in other organizations to be a cybersecurity experts.
Why would you want to do this, you may ask? It is costly when employees quit.
In fact, according to Gallup, it can cost a company 1.5 times an employee’s salary when that employee quits.
Imagine if 10 employees making $100k quit; that’s (1.5) x (100,000) x 10, or $1.5 million an organization loses from attrition.
Even worse, the more senior the employee, the more expensive it gets — with Directors and above costing five times their salary if they leave.
Instead, imagine upskilling and reskilling some of those flight-risk employees and offering them a new role that will be both engaging and rewarding.
Again, according to Josh Bersin and his extensive data on the topic, there is hope. Many employees from other career paths actually do transition into cybersecurity.