This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.
Finding and hiring the talent we need in security is a curiouschallenge.
The debate about talent - and how to find it - is likely to continue into the foreseeable future. The purpose of the Leading Security Change program on the topic is to advance solutions.
I came away from the panel with some interesting realizations. Part of the solution is rethinking the pathway and how we get involved in the process.
I ask you to do the same.
Mine was the confirmation that the need isn't technical competence. We can teach people the technical aspects of security. Maybe we can develop better methods, but it's not the challenge.
Curiosity: what do you need?
That's the word that stays with me. Even after writing the road map, conducting the POV interviews (here, here, and here), and leading the panel (recorded & transcribed). When I step back to reflect, the word curiosity stands out.
I recognize the curiosity in myself. Maybe you do, too. Many cite the desire for someone curious as a need for success in security. It makes sense. Much of security is figuring things out from many perspectives to make better decisions.
That puts an emphasis on hiring for fit and aptitude over technical competency. The good news is curious people abound. Many seek a pathway into security.
With that in mind, maybe the cries for talent are more perception than reality. The real challenge is defining what we actually need. Perhaps it starts with better ways to get the experience we need to make the assessment on aptitude.
Better experience is a two way street
How many times have you hired someone only to find out they didn't fit?
It happens. It happens a lot.
It's a challenge to define what we need for security. It is even harder, then, to try to discern fit through an interview. Or a an interview series.
A theme from the panel was clear: the real opportunity is experience. We need experience with the candidates as much as they need experience in security. Whether we hire insiders or get involved in our local communities, we need to work with people.
By working alongside people we get a truer sense of who they are. We find out about their curiosity. We learn how they learn. And in my experience, when we work with others, we learn more about ourselves, too.
Sign up for CIO Asia eNewsletters.