The modern cybersecurity professional and retention challenges
The discussion began by addressing common perceptions about the young generation entering the cybersecurity workforce, often characterized by short tenures and a demand for continuous challenge. The moderator challenged Simon Scheirlinckx, who as a representative of Gen Z was asked whether he agreed with the prejudices out there.
Simon Scheirlinckx: “I would say that part of it may be true. If people of my generation are looking for another challenge, they do not hesitate to switch companies. Previous generations preferred more stability.”
Rosanna Kurrer elaborated on this from her experience. She believes the young generation actually wants to contribute meaningfully to the organisation: “You will notice they are really motivated at the beginning, and that is where you can give them a chance to grow. Being part of the purpose is important for them.”
Bridging the skills gap and attracting diverse talent
A major theme of the debate was obviously the difficulty of filling thousands of open vacancies, looking beyond traditional recruitment pipelines and focusing on diverse backgrounds. Moderator Saskia Van Uffelen turned to Ann Mennens for her take on this based on her experience at the European Commission.
Ann Mennens: “With fierce competition for cybersecurity resources, we try to stand out. We also train colleagues on the job to bridge skills gaps within a limited budget. As an example, in my team, trainees – from a variety of backgrounds – are our talent pipeline. Cybersecurity needs diverse profiles, not only techies, and using role models to build a bigger work force helps. There is a whole lot of talent that is not being seen or included yet. Therefore, initiatives like Women4Cyber are so important to help women to advance and choose a career in cybersecurity,” she concluded.
“Cybersecurity has an image problem,” added Rosanna Kurrer. “The perception that you only need to code to work in cybersecurity is false. We are stuck because traditionally the pipeline came from IT, meaning people already had years of experience. Now we need new profiles from the business side, including legal and other experts.”
Streamlining recruitment and overcoming hiring barriers
A significant obstacle to closing the gap seems to be the conservative hiring processes of many companies, which rely heavily on specific experience and language requirements. The panellists discussed how some of these current barriers can be broken down.
Rosanna Kurrer highlighted the importance of building a solid pipeline to bridge the talent gap: “Organisations should provide more opportunities for starters and have senior people mentor them to accelerate their learning process.” She noted that a key hurdle is that Belgian companies require recruits to master both Dutch and French, next to being proficient in English.”
“Part of the problem may be that the person writing the job ads are not always fully aware of what the security team actually needs,” she added. “Sometimes they even put the required skills of a whole team in one job ad. Women we talk to, for instance, tend to think they need to fulfil every requirement. We have to convince stakeholders to hire atypical profiles, even when they lack local language proficiency, certification, or experience.”
Ann Mennens concurred that the main problem is that the people hiring need to dare to choose candidates who are motivated and ready to learn, rather than being a copy of their own background.
Education’s role in talent development
Training and education play an important role in preparing future talents as well as in retaining and motivating them. The moderator inquired about the difference between and use of formal and non-formal education in the field of cybersecurity.
Rosanna Kurrer: “Formal education is usually known as a multi-year university education, working towards a degree. Non-formal education includes boot camps, often led by smaller companies or startups, allowing them to adapt to the market faster. They are willing to train people who are not coming through the usual pipeline. A major advantage of non-formal education is the one-on-one mentoring and hands-on approach. Formal education provides a degree but is less adapted to the market.”
Simon Scheirlinckx agreed, sharing his own experience: “My formal education gave me tools and vocabulary, but not the practical experience. When I did my internship in cloud security, I learned a lot more in a few weeks than in two years at school. But both types of education can go together.”
Prioritizing well-being and future solutions
Next the panel focused on the pressure and high-stress environment of cybersecurity requiring organisations to focus on well-being and proactive retention strategies.
According to Ann Mennens, a pragmatic approach can already provide a lot of relief: “At the team level, you must ensure clear procedures and responsibilities. Make sure there is a backup so people can go on holiday or fall ill without stress. Try to create a community where people can share expertise and best practices, learn from mistakes, and build trust so nobody feels alone with their problems.”
In conclusion, the panellists offered their final suggestions for solving the talent crisis and how to best engage with the youngest talent.
Rosanna Kurrer: “Put more people in the spotlight and give more opportunity for people to try and fail and try again. Give everybody a coach or a mentor. Take the risk out of the hiring. For instance, give atypical profiles a chance and you will see that after a year, they will have acquired the necessary work experience.”
Ann Mennens: “Managers need to ask themselves why they keep on hiring copies of themselves. Just try out different things: hire people coming from diverse backgrounds, use alternative ways of learning and value soft skills. Give people more liberty to make their own career.”
Simon Scheirlinckx: “I agree. Even if a profile is not a 100% match, you can give him or her a chance, and you would be surprised of the result.”
On the picture from left to right: Saskia Van Uffelen, Ann Mennens, Rosanna Kurrer, Simon Scheirlinckx.
