How to Upskill Tech Staff to Meet Cybersecurity Needs

Cybersecurity is the largest current tech skills gap; closing it requires a concerted effort to upskill existing staff.

Aaron Rosenmund, Director of Security Research and Curriculum, Pluralsight

August 18, 2022

3 Min Read
Source: Zoonar GmbH via Alamy Stock Photo

Cybersecurity challenges are exacerbated by a talent shortage in the cybersecurity workforce. In 2021, for example, there were more than 500,000 open cybersecurity jobs in the US alone. But the gap goes beyond "just" filling empty positions; there is also a gap between what existing staff know about cybersecurity and a never-ending onslaught of new cyberthreats.

Pluralsight’s "2022 State of Upskilling Report," which surveyed 760 technology learners and leaders on the most current trends in skill development, found that cybersecurity was the top personal skills gap among 43% of respondents. Further, 44% of respondents noted that cybersecurity skills gaps are the greatest current risk to their organization.

With the rate at which the cybersecurity landscape is changing, historical knowledge and time-worn methods rarely solve for the increasing complexity of today’s threats. Business leaders must take responsibility for providing their technologists with the tools and training they need to keep organizations safe and secure.

Indeed, businesses need to act quickly and aggressively to keep their technology teams apprised of current cybersecurity trends and threats.

Large Majority Want to Improve Their Skills

This may seem overwhelming, but the good news is that technologists are eager to bolster their tech skills. According to our report, 91% of respondents want to improve their tech skills. Technologists are also demanding that their organizations provide them with the means to do so: 48% of respondents say they have considered changing jobs because they weren’t given sufficient resources to upskill, and 75% of respondents said that their organization’s willingness to dedicate resources to developing tech skills affects their plans to stay with the organization.

Here are some recommendations for upskilling your technology teams to create an airtight cybersecurity program:

  1. Provide the right resources: The first step is to arm cybersecurity professionals with resources such as on-demand cybersecurity training, hands-on learning opportunities to understand both red and blue team perspectives, and flexible upskilling options that fit in with cybersecurity pros’ busy schedules. Cybersecurity training should not be optional for anyone within your organization, let alone your cybersecurity experts, but it needs to be administered in a reasonable and effective way.

  2. Create continuous learning opportunities: Your cybersecurity teams will never be done learning how to outsmart bad actors and how to future-proof your organization’s cybersecurity program. New cybersecurity strategies are constantly being developed to stay ahead of attacks. For example, the Zero-trust architecture is gaining traction in public and private businesses alike, ushering in new standard operating procedures for security teams. Staying abreast of cybersecurity trends takes more than superficial knowledge, however; it requires coordinated action in the form of testing, implementation, and evaluation to achieve long-term cybersecurity success.

  3. Create a culture of learning: By making learning part of the fabric of the organization, your tech teams can take a proactive, rather than a reactive, approach to cybersecurity. This means that your organization must have programmatic steps in place to constantly renew cybersecurity knowledge and best practices.

The bottom line is that the need for cybersecurity skills will only increase. The need for skilled cybersecurity pros also will grow. Organizations that prepare for the future of their security programs, rather than scrambling to block attackers only in the present, will be the best prepared to take on the latest threats.

About the Author(s)

Aaron Rosenmund

Director of Security Research and Curriculum, Pluralsight

Aaron M. Rosenmund is the Director of Security Research and Curriculum at Pluralsight. He is a cybersecurity operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation. Leveraging his administration and automation experience, Aaron actively contributes to multiple open and closed source security operation platform projects and continues to create tools and content to benefit the community. As an educator & cybersecurity researcher at Pluralsight, he is focused on advancing cybersecurity workforce and technologies for business and national enterprises alike. In support of the Air National Guard, he contributes those skills part time in various initiatives to defend the nation in cyberspace. Certifications: GIAC GCIA, GIAC GCED, CCNA Cyber Operations, Pentest+, CySa+, CASP.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights