Credit: iStock Security breaches are rising across all industries, with cybercriminals leveling up their playbooks and increasing the volume of attacks. As if trying to stay ahead of adversaries weren’t enough, security leaders are also working to manage another risk: a talent shortage.Organizations are finding it hard to attract and retain security professionals—especially those who work in Security Operations Center (SOC) roles as these teams are strained and facing burnout. In fact, 65% of SOC professionals have considered quitting their jobs. Other security-focused positions that are in demand but difficult to fill include cloud security specialists, network security architects, and penetration testers.Given the cybersecurity talent shortage, recruiting and retaining qualified professionals will inevitably require creative strategies among organizations looking to fill related roles. From embracing untapped talent pools to finding ways for professionals to build and advance core technical skills, here are several ways we can collectively shrink the cybersecurity skills gap.Offer ongoing training opportunities for existing security professionalsAs organizations of all sizes struggle to recruit qualified security professionals, leaders inevitably worry about retaining the analysts they already have on staff. Offering your team members opportunities to pursue advanced training and certification programs not only keeps their skills sharp but is a great way to enhance employee experience and job satisfaction. According to a study conducted by the Society of Human Resource Management (SHRM) Research Institute, 86% of human resources managers surveyed say that offering ongoing training helps with staff retention.There are numerous high-quality cybersecurity training and certification programs available. One example is theFortinet Training Institute, which offers a variety of both self-paced and instructor-led training and multi-level certifications programs for learners of all skill levels. Programs like these give participants the security, networking, and IT knowledge needed to help them progress in any role and at any point in their career. For those just getting started in the industry, these programs offer strong foundational knowledge to set learners up for future success.Recruit talent from untapped communitiesWith a cybersecurity workforce gap of 3.4 million people, businesses can’t rely on filling open positions only with “traditional” candidates—those with four-year cybersecurity degrees or individuals with related work experience. Attracting new talent to the field is an essential component of addressing the skills shortage, and offering accessible cyber training is a great way to recruit professionals looking for a career change.Veterans are a great example of a talent pool that can be a tremendous asset to the cybersecurity industry. Recognizing that those in the military community have many transferrable skills—such as leadership, communication, and attention to detail, to name a few—Fortinet is committed to helping veterans transition to careers in security. The Fortinet Veterans Program helps prepare veterans for roles in cybersecurity by offering training and certification opportunities to develop the necessary skills, mentoring and networking programs, and connecting these individuals with employer partners actively recruiting for cybersecurity roles.Additionally, women make up only 24% of today’s cybersecurity workforce. Yet a wealth of data illustrates the many benefits of building diverse teams. For women looking to jump start a career in cybersecurity—or for those who work in the technology sector already but are interested in exploring security-focused roles—numerous resources are available to support that transition. Organizations like WiCyS provide members access to industry-leading training and certification curriculum, networking and mentoring programs, internships, and full-time employment opportunities. And the SANS Institute offers several education programs for women interested in pursuing cybersecurity roles, such as the accelerated Women’s Immersion Academy program and the New2Cyber curriculum that teaches foundational cyber skills.Partner with and recruit from higher education institutions As cyberattacks grow in volume and sophistication and the skills shortage continues to strain security teams, many colleges and universities are dedicating more resources to creating or expanding cybersecurity-focused degree programs. Today, almost 400 higher education institutions have earned the “National Centers of Academic Excellence in Cybersecurity” designation from the National Security Agency—a stark contrast compared to the 12 schools that had achieved this as of 2010.Public and private sector organizations have a role to play here as well and must partner with educational institutions to collectively build the future cybersecurity workforce. For example, the Fortinet Academic Partner Program works with over 500 colleges and universities globally to integrate the award-winning Fortinet Network Security Expert (NSE) training and certification courses into the existing curriculum. Initiatives like this help set students up for success by giving them the opportunity to earn industry-recognized certifications before they even begin searching for employment.Shrinking the skills gap requires thinking outside the boxCybercriminals aren’t slowing their operations anytime soon. The demand for cybersecurity talent will only increase, and the competition among organizations for qualified professionals will grow even fiercer. Our industry can work to shrink this skills gap in a variety of ways, from implementing initiatives to help retain existing team members—like offering ongoing professional development opportunities—to broadening the talent pools we typically recruit from. As a result, we can fill essential roles quickly, expand and advance our teams, and ultimately protect our organizations from a growing array of cyber threats.Find out more about how Fortinet’s Training Advancement Agenda (TAA) and Training Institute programs—including the NSE Certification program, Academic Partner program, and Education Outreach program—are increasing access to training to help solve the cyber skills gap. Related content brandpost Priorities in preparing for a ransomware attack: people, processes, and technology In the fight against ransomware, organizations can and should assess and prioritize their technology, processes, and people. By David Finger 27 Jun 2023 6 mins Security brandpost Effective security training programs are vital to creating a cyber-aware workforce Creating and maintaining a comprehensive training program increases the likelihood that employees have the necessary insight to identify potential attacks. By Rob Rashotte 26 Jun 2023 5 mins Security brandpost Taking a centralized approach to cloud security While using the cloud has many advantages for businesses, it also brings new difficulties that security teams of all sizes must be aware of and address. By Vince Hwang, senior director of products and solutions, Fortinet 22 Jun 2023 4 mins Cloud Security brandpost Reducing cyber risks by upskilling your security talent The threat landscape is moving at such an unprecedented pace that even the most well-staffed enterprises are finding it difficult to effectively protect their digital assets. By Rob Rashotte 22 Jun 2023 5 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe