On this week’s episode of Reimagining Cyber, hosts Stan Wisseman and Rob Aragao had special guests, Jim Routh and Damon Carter, to discuss the approaches that need to be taken to break the mold on how to recruit and develop cybersecurity professionals. Routh has had an impressive career leading cybersecurity programs for some of the largest organizations in the world, such as Aetna, CVS, and American Express. On the other hand, Carter has had a spectacular career leading HR organizations at companies like Aetna and GE Express Scripts. These two leaders have the knowledge and experience to help shape how the cybersecurity industry finds new talent.

It is no secret that the community currently has a cyber talent gap. To meet the growing demand for cyber professionals, companies need to be hiring at lightyear speed. Jim Routh and Damon Carter have an unconventional approach to solving this problem. They believe employers must be more in tune with the employees’ side of finding and keeping talent in their companies. So rather than trying just to retain employees, they should be spending time and energy on new opportunities for employees to learn and develop new skills. This may mean finding professionals from other fields. Jim Routh shared an example of this saying, “I ended up hiring a journalism major who graduated, and I think had one or two jobs before and kind of struggled, and is now flourishing in cybersecurity, and going into other technical areas in cybersecurity, kind of gaining that, that knowledge and skill.” When you invest in these opportunities, employees will feel satisfied and be willing to stay with the company longer. To be successful at this, employers need to partner with their HR professionals to collaborate with them to adopt these management practices.

The only way to get through this gap and not be scathed is by leading and supporting your employees through listening and providing them with the resources they need to grow and learn. And like Routh says, leaders don’t “have to be the motivator…the leader just has to get out of the way and be a support like a coach.” Carter backs this up by also pointing out that when you do this you provide “a much more engaging and comfortable dialogue between the leader and the employee on a regular basis.” Instead of having a conversation about traditional performance management and asking, “what did you do right?” and “what did you do wrong?” you should be asking, “how can I help you?” This is the primary tool you should be using when recruiting. While you are making your employees more marketable, you are also creating a desire for them not to want to leave. You must make them consider whether they will get the same kind of support at another company, and the answer must be no.

You must take on a new role of supporter rather than just leader. You must be flexible when defining your employees’ positions. You may have to change an employee’s role to include what they want to learn. By doing all of this, you are hiring talent when you find it and helping them blossom into the professionals you will need. The market is scarce right now, so why not spend the time and resources to help create the best candid

Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via [email protected]

As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70
Chief Information Security Officer CISO Podcasts rankings.