Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan
Systematically source the skills your organization needs.
- The demand for qualified cybersecurity professionals far exceeds supply. As a result, organizations are struggling to protect their data against the evolving threat landscape.
- It is a constant challenge to know what skills will be needed in the future, and when and how to acquire them.
Our Advice
Critical Insight
- Plan for the inevitable. All industries are expected to be affected by the talent gap in the coming years. Plan ahead to address your organization’s future needs.
- Base skills acquisition decisions on the five key factors to define skill needs. Create an impact scale for the five key factors (data criticality, durability, availability, urgency, and frequency) that reflects your organizational strategy, initiatives, and pressures.
- A skills gap will always exist to some degree. The threat landscape is constantly changing, and your workforce’s skill sets must evolve as well.
Impact and Result
- Organizations must align their security initiatives to talent requirements such that business objectives are achieved and the business is cyber ready.
- Identify if there are skill gaps in your current workforce.
- Decide how you’ll acquire needed skills based on characteristics of need for each skill.
Member Testimonials
After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.
9.0/10
Overall Impact
$10,756
Average $ Saved
9
Average Days Saved
Client
Experience
Impact
$ Saved
Days Saved
State of Wyoming
Guided Implementation
10/10
$12,999
20
Great information that is very applicable on what I'm working to achieve.
LGM Financial Services
Guided Implementation
9/10
$1,000
1
FirstCaribbean International Bank Limited
Guided Implementation
8/10
$18,269
5
Open Text Corporation
Guided Implementation
2/10
N/A
N/A
Canadian Blood Services
Guided Implementation
7/10
$2,000
5
All good. Thanks for the provided guidance
Open Text Corporation
Guided Implementation
7/10
N/A
N/A
County of Los Alamos
Guided Implementation
10/10
N/A
N/A
BWX TECHNOLOGIES, INC.
Guided Implementation
10/10
N/A
N/A
Aaron was able to quickly assess and understand our need then direct me to an Info-Tech workbook that can be utilized to help with our situation. ... Read More
Workshop: Close the InfoSec Skills Gap: Develop a Technical Skills Sourcing Plan
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Module 1: Identify Skill Needs for Target State
The Purpose
- Determine the skills needed in your workforce and align them to your organization’s security roadmap.
Key Benefits Achieved
- Insight on what skills your organization will need in the future.
Activities
Outputs
Understand the importance of aligning security initiatives skill needs with workforce requirements.
Identify needed skills for future initiatives.
- Security Initiative Skills Guide
Prioritize the initiative skill gaps.
- Skills Gap Prioritization Tool
Module 2: Define Technical Skill Requirements
The Purpose
- Identify and create technical skill requirements for key work roles that are needed to successfully execute future initiatives.
Key Benefits Achieved
- Increased understanding of the NICE Cybersecurity Workforce Framework.
- Standardization of technical skill requirements of current and future work roles.
Activities
Outputs
Assign work roles to the needs of your future environment.
- Skills Gap Prioritization Tool
Discuss the NICE Cybersecurity Workforce Framework.
Develop technical skill requirements for current and future work roles.
- Technical Skills Workbook
- Current Workforce Skills Assessment
Module 3: Acquire Technical Skills
The Purpose
- Assess your current workforce against their role’s skill requirements.
- Discuss five key factors that aid acquiring skills.
Key Benefits Achieved
- A method to acquire skills in future roles.
Activities
Outputs
Continue developing technical skill requirements for current and future work roles.
- Technical Skills Workbook
- Current Workforce Skills Assessment
Conduct Current Workforce Skills Assessment.
- Current Workforce Skills Assessment
Discuss methods of acquiring skills.
- Technical Skills Workbook
- Current Workforce Skills Assessment
Develop a plan to acquire skills.
- Technical Skills Workbook
- Current Workforce Skills Assessment
Module 4: Plan to Execute Action Plan
The Purpose
- Assist with communicating the state of the skill gap in your organization.
Key Benefits Achieved
- Strategy on how to acquire skills needs of the organization.
Activities
Outputs
Review skills acquisition plan.
- Technical Skills Workbook
Discuss training and certification opportunities for staff.
Discuss next steps for closing the skills gap.
Debrief.
About Info-Tech
Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.
We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.
What Is a Blueprint?
A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.
Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.
Need Extra Help?
Speak With An Analyst
Get the help you need in this 3-phase advisory process. You'll receive 5 touchpoints with our researchers, all included in your membership.
Guided Implementation 1: Identify skill needs for target state
- Call 1: Define security roadmap skill needs.
- Call 2: Prioritize and associate roles with the initiative skill gaps.
Guided Implementation 2: Identify technical skill gaps
- Call 1: Align role requirements with future initiative skill needs.
Guided Implementation 3: Develop a skills sourcing plan for future work roles
- Call 1: Understand and define the factors that influence the skills sourcing plan, and discuss options for sourcing skills.
- Call 2: Score key factors against needed skill, and determine how to source a skill.
Contributors
- Amanda Bluett, Head of Cyber Defence and Assurance, CBRE
- Eldon Sprickerhoff, Chief Innovation Officer, eSentire, Inc.
- Anja Adam, Manager of Information Security – IT Risk & Compliance, De Lage Landen International B.V.
- Four anonymous contributors
Assess Your Cybersecurity Insurance Policy
Achieve Digital Resilience by Managing Digital Risk
Combine Security Risk Management Components Into One Program
Prevent Data Loss Across Cloud and Hybrid Environments
Build an IT Risk Management Program
Develop and Deploy Security Policies
Fast Track Your GDPR Compliance Efforts
Build a Security Compliance Program
Embed Privacy and Security Culture Within Your Organization
Establish Effective Security Governance & Management
Improve Security Governance With a Security Steering Committee
Develop Necessary Documentation for GDPR Compliance
Reduce and Manage Your Organization’s Insider Threat Risk
Satisfy Customer Requirements for Information Security
Responsibly Resume IT Operations in the Office
Master M&A Cybersecurity Due Diligence
Integrate IT Risk Into Enterprise Risk
Present Security to Executive Stakeholders
Deliver Customer Value by Building Digital Trust
Address Security and Privacy Risks for Generative AI
Protect Your Organization's Online Reputation