IT security training is a top priority for CIOs
CIOs are taking a multipronged approach to protecting sensitive company information, and the majority are currently taking or planning to take steps in the next 12 months to improve IT security at their firms, according to Robert Half Technology.
The most common strategies include beefing up employee training on security issues (54 percent), vetting firms that have access to company data more closely (45 percent) and hiring more IT security professionals (41 percent).
A strong organizational communications plan and sound relationships with vendors will help improve security measures, but it all begins with the team responsible for managing those efforts.
Robert Half Technology offers the top three attributes of effective security employees and what to ask them when hiring:
Future focused – It’s important to ensure candidates will be an asset to your security efforts, bringing a broad range of experiences that will allow them to identify vulnerabilities in your network. Use this opportunity to discuss their use of proven methodologies, best practices and risk intelligence in previous roles and try to assess how they would apply them in your company. Ask candidates: “How would you create a security-conscious culture in our business?”
Security certifications – A well-rounded security professional will not only take steps to protect the organization, but also to stay ahead in the industry. With so many widely recognized certifications available, it’s not uncommon for candidates to have these on their resumes. While certifications show an investment and commitment to growing their knowledge base, it’s important to assess applicants’ real-world experience, too. Ask candidates: “How have your security certifications prepared you for this role?”
Soft skills – IT security professionals should have impeccable communication skills. Externally, they should be building solid relationships with firms and vendors that have access to company data or may be brought on to help with security efforts. Internally, they should be able to raise awareness to potential threats and explain security measures in a way that will help guide employee behaviors.
The prevalence of BYOD policies, for example, is just one of the many trends that make clear communication skills vital to ensuring companywide compliance. It’s essential for security team members to build partnerships across the organization to help increase vigilance throughout. Ask candidates: “What would be your communications approach around security, potential threats and best practices to senior leadership and employees companywide?”