The rise of generative AI is expected to displace more than 300 million jobs by 2030. On top of that, McKinsey projects that at least 12 million Americans will change their field of work over the same span. The workforce is on the precipice of a fundamental shift unlike anything we’ve experienced before. It marks a clear opportunity for cybersecurity to utilize innovative hiring approaches that address longstanding talent shortages causing heavy workloads, burnout and human error across the sector.
Generative AI is here to stay, but so too are cyber threats. The volume and velocity of major attacks will only accelerate as enterprise digital transformation continues to drive more cloud-based network adoption. And although generative AI could automate certain technical security roles over the next several years, the need for human ingenuity within cyber defense will always remain. Combatting highly sophisticated threat actors across a widened attack surface cannot be accomplished with advanced technology alone. Generative AI’s role in the future of security will lean more toward empowering humans rather than replacing them.
An unprecedented number of AI-displaced candidates will soon be entering the job market with transferable skills that position them for success in cybersecurity. Capitalizing on that will require organizations to pivot from traditional recruiting models which base candidacy on four-year college degrees and direct experience alone. Skills-based hiring approaches that prioritize certified reskilling and upskilling can open new pathways to employment and address talent shortages concurrently.
This shift aligns with the Biden Administration’s National Cyber Workforce Strategy that called for more organizations to adopt skill-based approaches to recruitment and professional development. In addition, President Biden’s recent AI Executive Order directed organizations to, “develop principles and best practices to mitigate the harms and maximize the benefits of AI for workers by addressing job displacement.” Focusing on transferable skills obtained through cybersecurity certification training is an effective place to start.
The Role of Certification Training
Cybersecurity certification training programs transcend the boundaries of traditional STEM backgrounds, empowering non-STEM professionals to leverage their transferable skills and contribute meaningfully to cybersecurity initiatives. Their innate soft skills in areas such as high-level strategy, analytical analysis, critical thinking, problem solving and effective communication can be seamlessly translated into vulnerability management, incident response, user awareness frameworks and more.
Certification training programs emphasize aptitude over experience, providing non-STEM professionals with a solid foundation of practical cybersecurity knowledge to build upon. These programs can also be used to reskill IT professionals who already have a technological background, giving them a deeper understanding of cybersecurity concepts, technical terminology and application methods.
In addition, certification training enables organizations to upskill their internal cyber workforce, augmenting capabilities with actionable guidance from certified courses tailored to the nuances of new roles and responsibilities. This continuous growth mindset enables security teams to stay abreast of evolving threats, attack surfaces and security standards for enhanced operational efficiency.
A Rundown of Transferable Skills
- Research Professionals: Impactful Data Analysis
Reskilled research professionals possess a wealth of data analytics skills, which are transferable to vulnerability management as threat actors target organizations’ high-value data. Their expertise in data collection, analysis and interpretation allows them to effectively identify, assess and prioritize data security vulnerabilities within complex systems. The ability to extract meaningful insights from large datasets is crucial for network detection and response (NDR) teams to prioritize remediation efforts and address critical vulnerabilities in real time. - Teachers: Robust User Awareness Frameworks
Reskilled teachers possess a unique blend of programmatic and instructional skills that are invaluable in leading training and awareness programs. Their experience in developing and delivering effective curriculum, coupled with their ability to engage and motivate learners, makes them well-suited to implement effective user awareness training programs across large organizations. These programs are in high demand as AI-powered social engineering attacks accelerate. Employees who receive continuous awareness training are five times more likely to identify and avoid malicious phishing links. - Strategic Communications Professionals: Effective Storytelling and Strategy
Reskilled communications professionals excel in storytelling and strategy formulation, two skills that are in high demand amid the SEC’s new cybersecurity regulations requiring heightened oversight from the C-Suite and Board. The ability to demystify cybersecurity by articulating the correlation between cyber risk and business risk is critical to fostering cross-functional collaboration amongst company leaders. A comms professional’s background in strategic messaging positions them to ensure risk resonates with senior management and advocate for necessary resources, helping to maintain a security-first culture within the organization. - Customer Service Reps: Problem Solving and Prioritization
Customer service representatives are adept at problem solving and prioritization, skills that are highly relevant in cybersecurity. Their ability to analyze complex situations, identify root causes and implement effective solutions is essential for addressing threats and breaches as a security analyst. Customer service reps can also effectively communicate with affected parties, provide technical assistance and resolve issues efficiently, minimizing disruption to business operations. - Lawyers and Paralegals: Poise Under Pressure
Lawyers and paralegals, accustomed to operating under tight deadlines and prioritizing tasks with precision, possess exceptional time management skills that are crucial when responding to imminent cyber threats. Their ability to manage multiple incident response cases simultaneously, ensuring that damages are minimized and business operations are swiftly restored, is highly valuable in the wake of a breach. In addition, their law backgrounds uniquely position them to help organizations align with compliance standards and avoid legal penalties as federal regulations tighten.
Navigating the evolving cyber threat landscape requires an agile workforce equipped with a diverse range of skill sets. While traditional cybersecurity professionals with specialized training and experience are undoubtedly essential, organizations can reap significant benefits by broadening their talent pool to include AI-displaced individuals from seemingly unrelated fields. By recognizing the transferable skills and aptitudes possessed by professionals from diverse backgrounds, organizations can cultivate a more resilient, adaptable and innovative cybersecurity workforce that swings the balance of power away from our adversaries.