Employer Branding: Why Anthropology matters in your efforts to hire cyber security talent
There’s a lack of talent in #cybersecurity. Nobody seems to be able to hire enough qualified specialists. Nothing’s new in that.?
What’s really strange when speaking of this lack of talent is that no one seems to do anything about that and their situation. While you can’t magically snap your fingers to make the specialists you need magically disappear, what you can do is to stand out among the companies looking to hire talent and talk to them in a language they understand.
There’s too many job ads out there that are too formal and neither show the true spirit of the workplace and the specialists already working there nor the specialist they’re trying to attract. Also, there’s practically no companies who understand that engaging with the cyber security community could be a part of their employer branding strategy.
To me that makes absolutely no sense.
In reality, #employerbranding is marketing and like any other types of marketing it’s about creating immediate value to the recipient who in this case is the cyber security community.?
If you think about it, it makes sense: the cyber security community is full of those engaged, talented professionals your company needs to make your business strategy become reality. Those professionals who simply love cyber security so much that they are submerged in pet projects in their spare time, who love seeing other community members with the same passions to share inspiration, knowledge and to feel togetherness in an uncertain world.
By hooking into this community professionally, you show members of the community that you share their values and beliefs; that you are part of the tribe. Tribes are the cornerstone of civilization; people in the same tribe look out for each other, they help and support each other when they can. They truly care for each other. These are the feelings you want to awaken in the cyber security community.
领英推荐
Basically you want sentiment, you want the cyber security community to look up to you as a company, to your specialists. You want to make the cyber security community want to work with you.?
The good news is that it’s not hard to do this as long as you know the language of the community, which defines the rules and the tone of your communication and you can predict what community members will find interesting. And, admitted, that last part is quite hard. But basically it’s about knowing about cyber security and knowing about subcultures, about geekiness. Being a geek yourself, regardless of type, is definitely not a disadvantage.
So how do you create value? You give the community what fuels it:
To be frank, community employer branding is not for everyone. Honesty and transparency are important factors. Let me explain:
As a cyber security professional nothing is worse than not being taken seriously; to be hired to help increase security, to see that there is a need and that significant risks need to be addressed but not being able to. What usually happens is that management in theory finds security important but in reality finds other things, like making money, more important. I’m not saying that that isn’t fair to do if it’s done in complete transparency, if all risks have been assessed and addressed on management level and it has been decided. Unfortunately that is rarely the reason. More often than not, it’s the result of incompetent management, bad communication and reporting by people who are not very good at explaining exactly what impact this or that threat has on business risk.
So if you’re not one of those companies that truly does take cyber security seriously in every part of the business, you can’t go around pretending to be. Not forever, at least. And when the community finds out, your efforts will backfire.?
So in other words: If your company’s management truly mean it, and you have an organization that supports it, the effort you put into this will pay off if done in the right way.?
Cybersecurity Expert Advisor | Advising on CIS Controls and much more | Versatile and hands-on | Bridging Technical Expertise with Communication Acumen | Co-Founder, BSides K?benhavn | #KbhSec | #ADHDisOK
1 年Thanks. Sorry but I am not sure I understand. Briefs? As I see it, it has very much to do with HR people being traditionalists, CISOs thinking talent is HR’s responsibility only and siloed organizations. Happy to hear more about your experiences. I am sure there’s good learnings..
Sales & Marketing Manager | BON CHARGE
1 年"Also, there’s practically no companies who understand that engaging with the cyber security community could be a part of their employer branding strategy." Resonates. Hard. Do you think this might be because of a lack of briefs taken? Both job and candidate brief? Doing both of these opened up a whole new world of knowledge that helped us not only write better ads and recruitment marketing material to attract cyber folks, it helped us learn exactly what might attract cyber analysts, engineers, architects, managers etc - i.e. what they looked for when considering a job move. Invaluable.