This observation is known and shared by all: with 15,000 jobs to be filled in France in 2022, the talent shortage is in full swing in the field of cybersecurity.
However, there is still a gap between words and deeds: on the one hand, companies, faced with an acute shortage of resources, declare that they are ready to recruit “any profile”; On the other hand, these same companies are, in fact, less inclined to give atypical profiles a chance and break out of the “strong in Mathematics / B.A. +5 / Engineering” triple. The immediate injunction is strong and continues to require new cyber security recruits, whether just trained or still in training, to be operational from day one, with a strong background in networking, security, and governance…
Let’s be clear: We can’t train “internet” experts in 12 months, as they’ve spent more than 12 years building their expertise. On the other hand, we can train potentials who will gain the right feedback to professionalize themselves and build their career in this field. In the event of a labor market shortage, companies should invest in this potential for 2 or 3 years to attract, train and retain it. Otherwise, their situation will remain the same… in two or three years. Since the resource shortage is global, companies also cannot count on being able to “import” this talent.
HR And Internet managers So they must work together to better qualify their needs and overcome two problems: post job offers that list tasks that only experienced consultants can accomplish; Systematically requiring applicants to justify a Bac +5 level while activities can ideally be carried out by lower level applicants (bac +2 or bac +3).
when we talk about Electronic securityWe’re not just talking about computer security. Other than IT, cyber security also covers the concepts of governance, physical security, normative and regulatory compliance … Thus, if a minimum technical base is necessary to work in cyber security, it is not necessary to know how to program (for example). Among the thirty deals listed byANSSI In the panorama of cybersecurity careers, many require a solid knowledge of the professions, processes, and organization of the company in which the individual works. In other words: cyber security is not just about the profession of “ethical hacker”.
Thus, the image of the masked geek is here a unique opportunity: an opportunity, because it offers an icon that Hollywood and Netflix have captured and makes a great loss-making leader to encourage careers and attract talent; Limit, because it is a piracy activity that represents at best 3% of the field and limits the diversity of profiles that the sector attracts.
To reiterate: cyber security is a broad field. So far limited to purely technical aspects, it should open up to broader considerations and attract different profiles that are more representative of society and our multiple digital identities that must be protected.
Vocational retraining is an essential vector to compensate for the lack of resources that involve the necessary cooperation with the organizations working in order to return to work, such as Employment centerAnd your fatherAnd Pro transitionsand local missions.
So yes, we can end the cybersecurity talent shortage if we go beyond sonorous phrases In the present (Internet, artificial intelligence, big data, cloud, blockchain), to gain maturity and develop employment standards, to invest today in tomorrow’s resources. The responsibility for cyber security training lies with the entire sector. Responding to training and staffing issues, moving the lines, and combating bias necessarily requires a joint response.
Tribune Posted by Patrice Schlemm, Director CSB. School
<< اقرأ أيضًا: الأمن السيبراني: كيف تحبط عمليات الاحتيال عبر الإنترنت خلال عطلتك هذا الصيف؟ >>>