Who to hire can be a question for many. The National Initiative for Cybersecurity Education (NICE) Framework was developed by the National Institute for Standards and Technology as a guide, but it needs more information as to what to look for when deciding on best practices and IT systems to manage for cybersecurity (Boyd, 2018). According to Boyd (2018), cybersecurity is within 90% of the roles but, only about 10% of the job tasks are focused on cybersecurity during their normal duties. Many job titles and tasks need to be updated by stating exactly which tasks are considered part of cybersecurity in order to understand the organizations cybersecurity needs.
Asking questions in more detail to create a clearer picture for the cybersecurity role can be vital to an organization. With that information, organizations will not know who to look for or be able to provide a job description if they do not know or understand what their current employees are doing related to cybersecurity and what they need in a future cybersecurity professional. Understanding the industry best practices; tools; skills gaps; effective methods and ways to track programs for training and certifications; needs assessment; when to update positions within the organization; how to expand the cybersecurity workforce; what retraining and developing skills method to use and talent to keep the retention rate high is all the things to be considered when trying to understand the organizations needs and wants in a cybersecurity professional (Boyd, 2018). When an organization knows the type of deliverable that they need and require in both the public and private sector they can get a better picture on who and what they need to be more beneficial (Boyd, 2018).
Overall, knowing who is doing what tasks and the resources they need to keep the position to their benefit, the organization must ask vital questions in order to hire who they need for the position and/or have the right people in place. Without knowing so, organizations will continue to be lost with their cybersecurity needs and wants within a job description and within the person they are hiring for the job which can lead someone into a position with no title or lacking in a title.
Resource:
Boyd, Aaron (2018, March 23). Education Department Knows It Needs Cyberskills, But Doesn’t Know Which Ones. NextGov.com. Retrieved from https://www.nextgov.com/cybersecurity/2018/03/education-department-knows-it-needs-cyber-skills-doesnt-know-which-ones/146920/
MillerOnCyber 