Cybersecurity Workforce Development in Action

Focal Point recently had the privilege of helping a large retailer assess the sustainability and effectiveness of its workforce development program. This program is, to date, one of the most advanced we have seen in the industry. Here’s a closer look at what they’re doing.

This company’s journey to becoming a cyber workforce paragon began – as is too often the case – with a breach. After this high-profile security lapse, the retailer centered its efforts on a simple goal: build the best threat detection and incident response team on the planet. To them, this meant having a capable workforce ready to combat any cyberattack technique and detect an invasion in any part of the network. The leadership team created a new approach, one designed to build a sustainable talent pool for years to come. This new approach would yield a cybersecurity strategy that would uphold the organization’s enterprise objectives and evolve as threats advanced in the future. This was their approach:

Project Summary

Step One: Change the Hiring Process

Previously, the retailer had relied on certifications, degrees, and years of experience when hiring for their security team. But following the breach, they realized these weren’t always the strongest indicators of skill and ability. So they revamped their job descriptions to be more focused on specific character traits and proven aptitudes. Roles were rewritten and levels were clearly defined, illustrating a clear career path to candidates and existing team members alike. This also gave business leaders the peace of mind that every skillset was accounted for.

Step Two: Establish a Workforce Development Program

The cybersecurity leaders at the company knew they couldn’t just hire new resources to fill out their team. They needed professionals who were trained in their specific tools, environment, and culture and were very familiar with their threat landscape. To accomplish this, they mapped out a detailed workforce development plan. This program was a unique combination of third-party trainings, internal trainings and exercises, regular skills assessments, and conference attendance.

Step Three: Test and Assess the Team

While the retailer decided to invest in high-quality internal and external training for their employees, they didn’t stop there. They recognized that assessing and testing the team were the most critical steps in the development plan. Throughout the year, the cybersecurity team was regularly tested on knowledge, skills, and abilities through a series of challenges that varied in difficulty by job level. These assessments had three objectives:

  • Measure the employee’s abilities to defend and detect.
  • Determine how the employee is progressing against their career path.
  • Remind the employee of the KSAs needed to advance to the next level.

In addition to these more dynamic assessments, the team also rolled out smaller test scenarios to keep employees challenged and further the team’s learning culture.

For a while, this new approach seemed to be working perfectly. Employees were happy because they knew their roles, felt validated through testing, and understood where their career paths were headed. This meant lower turnover and a more productive team. But as time progressed, a couple of issues came to light that made leadership concerned for the sustainability of the program.

The Challenges

First, conference learning events and off-site trainings were not delivering the value leadership needed. These types of events were considered rewards for personal career advancement, but unfortunately, the training delivered through these platforms often didn’t tie into the formal development program. At $8-10k per student (plus expenses), these ad-hoc trainings were eating up precious budget and incurring three days of employee opportunity cost for little return.

The internal training component of the program had been designed to complement the external trainings, ensuring the skills learned at these conferences and events could be applied to the company’s specific tools, network, and technologies. On top of the responsibilities of their individual roles, experienced security team members were also expected to help develop and deliver internal trainings to build up new, productive members of the team. While this strategy had good intentions, it presented two problems. Either training would get pushed back when more urgent, timely security issues came up, or the expertise and leadership abilities of these team members would not be available during an important project.

Success and Continued Support

Recognizing these issues early on, business leadership began researching workforce development partners that could customize technical security trainings to the exact threat landscape the company faced, and the skills needed to address those threats. By building a relationship with one of these companies, they could free up their security leaders’ time, while still having the assurance that their resources were receiving tailored training. These trainings could be delivered on-site at the same price as (or less than) conferences or ad-hoc trainings, while delivering much more value. In addition, employees would still receive trainings that challenged them and helped to advance their skills, making them feel valued and rewarded.

In the end, this combination of outsourced workforce development, with occasional specialized internal trainings, proved to be a perfect recipe. It allowed the company to continuously elevate the skills of their cybersecurity team without overtaxing their experienced professionals or compromising their day-to-day security responsiveness. As a result, the company now has a sustainable and effective cyber workforce development program that will keep their talent pipeline overflowing for years to come.
