Request demo

New frontiers in workforce experience

Cyber threats continue to proliferate, pushing leading industries, governments and supply chains to strategize for the future while they put out existing fires.

As companies ramp up their overall risk management efforts, they need to be careful not to conflate compliance with security. Adjusting your practices to operate in accordance with new laws and guidance doesn’t mean you’ll always be ahead of bad actors. You need to be vigilant and proactive. 

And you’ll be in good company — half of executives say they’ll bake cyber considerations into all of their business plans and decisions. These trends toward proactivity can benefit everyone. But meeting the demands of now and anticipating the future brings challenges.

While the threats have been multiplying, the talent pool to address them hasn’t. Upskilling and reskilling current employees — even beyond those in traditional cyber and IT roles —can help you close gaps and support cybersecurity strategies.

Complete the form below to read the full article

Required fields are marked with an asterisk(*)

I agree PwC can email me about its insights, newsletters, events, services, products, and offerings. *

The high demand, low supply cyber talent problem 

Organizations are finding the cyber threat landscape more daunting and the stakes are higher than ever. In the age of information, data makes for a lucrative bounty and the attacks to siphon it are increasingly sophisticated—and detrimental to brands, their stakeholders and customers. While shoring up threats takes thoughtful investment in cyber tech and process changes, cyberproofing for the future requires an agile approach to building skills and capabilities that can continue to respond to the non-stop emergence of threats and specialized security sub-fields.

Yet, what may have been a clear plan of action — increase headcount to beef up security — has been hindered by a low supply of skilled cyber talent to fill new roles.

More than half (51%) of executives say they planned to add full-time cybersecurity staff, but in the US 50% fewer candidates are available than are needed in the cyber field. Globally, it was estimated that 3.5 million cybersecurity jobs went unfulfilled in 2021. 

Organizations are looking to college campuses to recruit fresh talent, but they too are struggling to keep up with the evolving field of cybersecurity. By the time students get through a program, their newly acquired knowledge may already be behind bad actors' capabilities. Another challenge — theory-based curriculum often leaves students without hands-on experience needed for Day One readiness. Combine these factors with over-reaching “entry-level” cybersecurity job prerequisites that demand traditional degrees and years in the field — and organizations may be their own worst enemies in the recruiting trenches. By ignoring self-taught professionals and individuals who passionately pursue cybersecurity fields and certifications, they miss out on the very talent they need to close their skills and capabilities gaps. 

Upskilling the village: Look within for potential 

If looking outside your organization for cybersecurity professionals isn’t helping you fill roles, it’s time for a mindset shift — one that needs to refocus recruitment efforts from the outside to recruiting from within. 

Organizations can build up their line of cyber defenses by adding upskilling programs to redistribute job functions. And there’s an appetite for this — 77% of workers — are ready to learn new skills or completely retrain. Cloud security, security awareness, endpoint security, and real-time threat intelligence capabilities are top executive priorities — and are all skills that can be picked up on the job either through hands-on experience or function-based upskilling. 

For example, someone in HR can learn how to defend against phishing or social engineering data security threats. An entry-level employee in IT can gain competency in Azure cloud security. A senior legal counsel member can transition into a cyber legal advisory position. 

The skills needed in cyber security are diverse, and the traditional way of recruiting from a cut-and-paste job description can only continue to stunt growth and innovation. Organizations may need to ditch the status quo and take a creative and purposeful approach to covering their cybersecurity skills gaps with upskilling from within.

Choosing the right upskilling platform for cyber

Given the persistent threat of cyber attacks and talent crisis, it’s time to consider upskilling to fill in the gaps. Continuous learning is important for people in the field to maintain an edge. The trouble is, there’s a lot of learning software out there. It can be hard to pinpoint a solution that’s going to give you everything you need to stay abreast of evolving risks. 

Here are four top questions to consider when looking to invest in a cyber upskilling platform:

1. Does it decrease time as a barrier to skill achievement?  

Look for features like gamification or simulations to improve effectiveness and recall. Learners should also be allowed to learn at their own pace in short segments so they receive the right amount of learning and practice during each experience.

Participants in simulated cyber breaches are better equipped to make high-impact decisions more quickly. They’ve gained an understanding of the collaboration and steps required to help safeguard your company from threat actors — and the potential ramifications and remediation options after an attack. 

2. Can learners apply skills on the job immediately?

Traditional learning programs often fail at the transfer point between learned skills and job application. Learners should be able to apply their skills through realistic business projects related to their function and gain the immediate feedback they need to confirm skill comprehension or competency. 

For example, a cyber professional who needs to conduct vulnerability scans and detect intrusions should be able to boost their communication and decision-making skills in ways that help them make meaningful improvement recommendations. A business risk manager concerned about compliance requirements can learn to analyze cyber security incidents more deeply and sharpen his digital skills with courses in predictive analytics.  

3. Will it help identify emerging and relevant skills?

Upskilling should be more than a one-size-fits-all learning curriculum. It should be able to identify skill gaps and provide highly personalized learning pathways based on skill level, role and business function. 

For cyber, this means providing learning pathways for individuals across your organization from the C-suite to the board, to risk management and technology functions. With so much learning software available, you need a platform that does the heavy lifting for you by curating content aligned to the skills needed to help prevent tomorrow’s threats today. 

4. How often is the content updated?

When it comes to the fast pace of cyber attacks, organizations need to know that learners can gain access to the latest and greatest techniques and tools, leading practices, trends and compliance requirements. Access to continually refreshed content helps you stay ahead of attackers who continually find new exposures and ways to compromise and exploit digital ecosystems. 

ProEdge: Secure your organization with citizen-led innovation

Cybersecurity training can help you stock up on data warriors to fill top roles in cloud solutions, security intelligence and data analysis. 

The ProEdge cyber channel of content helps fortify the teams that defend your organization from cyber threats. We scoured hundreds of courses so you don't have to — and made sure learners always have access to the latest information, personalized learning pathways and curated content based on skill level, role and future goals. 

With ProEdge, your cyber professionals can keep pace with a changing digital and cyber environment — all while giving them the freedom to apply their learning right away so they feel more empowered to innovate and grow. A powerful combination against cyber threats.

Invest in tomorrow

Stay ahead of the curve with ProEdge, a PwC product, the revolutionary way to upskill your people and prepare your organization for tomorrow. This unique platform allows you to pinpoint critical skill gaps and effectively help close them with automatically generated personalized learning pathways. Leading curated content, coursework and hands-on learning empower your workforce to make an immediate impact through citizen-led innovation. Access to digital tools enables solution-building that scales across teams. This is how ProEdge helps your people

to perform at their highest level — giving them the power to help transform your entire organization.

Download this resource

Take the first step on a new path toward transforming both your organization and the learning experience of your employees.

Related articles