The Top Challenge Facing Info Security leaders in 2019

The Top Challenge Facing Info Security leaders in 2019 864 486 N2K

The Top Challenge Facing Info Security leaders in 2019

We did away with our crystal ball this year and asked 600 department cybersecurity team leads, CISOs, managers, and directors what their top challenge was as they roll into 2019. Overwhelmingly hiring skilled staff was the biggest challenge even when compared to retention, budget, and competence of current staff.  Let’s take a closer look at each.


Security training budget:  17%
Hiring skilled staff: 37%
Ensuring team competence: 23%
Retaining current workers:  23%

Security Training Budget     

Regardless of the prevalence of breaches, leadership still doesn’t quite understand the need for people, training, hardware, and software — all of which need to be managed in order to protect an organization’s most critical assets.  Security leaders everywhere are seeking appropriate budget. One solution to the training budget fight is ensuring cyber literacy of the executive leadership team.  We assist organizations by helping leadership understand and think critically about the cyber issues facing their organizations. In our experience, once executives understand cyber risk as an enterprise risk then the budget conversation shifts and becomes much more interactive.

Hiring Skilled Staff              

Cyber leaders continue to struggle with finding skilled staff to fill their open positions.  The options tend to be overpaying for talent or going without. We see many organizations partnering with universities and academies that produce cyber talent.  By identifying a talent pipeline, organizations can help themselves now and into the future. This year, we also expect to see a real focus on apprenticeship programs and Federal funding opportunities.  In the meantime, we recommend focusing on training. We help organizations transition IT staff into cyber roles as well as support entry level team members get prepared for their roles. By identifying any knowledge gaps early, we can help ensure knowledge and skills competence.  

Team Competence

Leaders are trying to fill roles often unsure of the level of competence of the new team members. Plus with so many open positions, many cyber practitioners end up covering multiple roles with on the job training as their only option. Cyber practitioners regularly have gaps in their knowledge and therefore, cyber leaders are unsure what their people know and don’t know. We introduce assessments, personalized training, hands-on training, certification training, and ongoing professional development so that leadership can be confident in the competence of their cyber teams.

Staff Retention

Retention of information security staff will continue to be a challenge far into the future. With so many open positions and firms actively recruiting for cyber expertise, organizations will need to focus on the retention of key employees.  As we look into 2019, we expect companies to retain talent through comprehensive packages which will contain salary increases, training stipends and activities, certification funding, conference attendance, and quality of life assurances. We don’t expect to see a silver bullet as a retention strategy but rather a unique combination of ongoing activities.

What’s next?

2019 will be a year full of challenges and opportunities for cybersecurity staff and leaders. N2K is here to help with training solutions to fit organizations of all sizes and all budgets.  Whether in-person, live online, or on-demand, our training solutions are designed to measure competence and then create a personalized journey for every user. Plus, with tools and reports for leaders, we help with both ensuring your staff confidence and your compliance needs.