December 13, 2021 | 2 minute read
Cybersecurity is a profession where managers need objective levels of assurance their employees have the knowledge and skills for the work roles they are performing. By comparison, employees need managers to take interest in their growth as cybersecurity professionals, with opportunities to increase their knowledge and skills. The process of recruiting, assessing, identifying, hiring, training, and monitoring career journeys to ensure employee retention over time, is an ongoing challenge within most organizations.
Traditional approaches to employee training, whether internally through a Learning Management System, taking courses through an academic institution, or bootcamp certifications, are not delivering the quantity of talent needed in many organizations. These approaches are continuing to fail to curb the increase in cybersecurity job openings, growing almost 20% in the past year to a whopping 597,767 unfilled positions according to the latest CyberSeek data. Significant increases in entry-level hiring and apprenticeships are needed across the U.S. if we are going to improve the dearth of talent in this profession.
Increasing the pool of prospective talent requires recruitment from more than one source. For example, one of the most encouraging pipelines is the 3M+ high school students graduating every year in the U.S. The more young people exposed to non-traditional STEM paths, the sooner public and private sectors will be able to fill vacant positions and close skills gaps. This is especially true of exposure to cybersecurity knowledge and skills. The National Initiative for Cybersecurity Education (NICE) Framework was created to establish a standardized set of building blocks for describing the tasks, knowledge, and skills that are needed for cybersecurity work performed by individuals and teams. It is intended to be a living document for organizations to systematically build their workforce and have continuous readiness with the knowledge and skills required to fulfill open positions.
The NICE Framework enables a process where an individual interested in the cybersecurity profession can establish a skills portfolio, allowing an objective way to measure one’s growth throughout their cybersecurity career journey. The NICE Framework functions as the connecting roadmap between all stakeholders, including: job seekers, working professionals, employers, academia, training providers, and government. The NICE Framework provides structure via a widely adopted taxonomy and common lexicon for improving our collective cybersecurity posture across the U.S., by focusing on the assurance of relative skills in place that can be applied when needed.
CyberKnights is a cloud portal built with the NICE Framework as the baseline and foundation to operationally execute this categorization of cybersecurity work. Our platform is cross-functional for organizations, customer-centric, and serves as a non-traditional approach to talent assessment, development, and retention. Visit www.cyberknights.us to understand how all stakeholders are interconnected in a seamless roles-based process to benefit individual, employer, and educator goals.