Secure the Right Workforce with Cyber Skills Assessments

Organizational demand for capable cyber personnel continues to far outstrip supply. The 2020 (ISC)² Cybersecurity Workforce Study found a global cybersecurity workforce shortage of close to 3.9 million workers, with North America showing the highest shortage of any region—approximately 359,000. In a rapidly evolving cyber threat environment, filling this critical skill gap quickly and efficiently is essential.

Cyber skills assessment is a proven, pre-hire method of quickly identifying candidates with the right skills to excel in specific positions. One of the most oft-cited talent-management hurdles is an inability to effectively discover a candidate’s level of depth in relevant technical skills during the selection process. Skills-based assessments require individuals to demonstrate their ability to perform particular tasks just as they would on the job. In our work implementing cyber skills assessments for a wide range of businesses and federal agencies, we’ve identified some key takeaways for organizations seeking to shore up their talent needs:

• Real-World Skills. Cyber skills assessments allow organizations to test an applicant’s job-relevant skills from behind the keyboard. This creates insights beyond interviewing or resume screening to drive better outcomes and, with specialists building and implementing these tools, also reduce the legal risk of unintentional harm or bias.
• Predictive Power. Work sample tests, a type of skills assessment, are highly predictive of job performance when combined with other selection methods. A key to their power is proper implementation. Done right, work sample tests can substantially improve selection decisions for a lasting positive impact. 
• Cost Savings. The most direct value in implementing cyber skills assessments is in avoiding the costs of bad hiring. The U.S. Department of Labor estimates that the average cost of a bad hiring decision is at least 30% of the individual's first year expected earnings. These are high prices to pay for highly skilled cyber positions that often begin in the six-figure range.
• Authoritative, Validated Support. Many commercial-off-the-shelf assessments have slick user interfaces, but the rigor and methodology that undergirds the tool is what matters when it comes to accurately measuring an individual’s ability to perform the tasks aligned to their role. To truly ensure that the right skills are being evaluated, assessment solutions should leverage cyber subject matter experts and industrial-organizational psychologists in combination with industry-standard frameworks like the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework.   

Skills assessment tools can also be leveraged by organizations post-hire. Administering skills-based development assessments to existing workforces can provide relevant performance metrics and challenging training that meet the specific requirements of any organization. As cyber threats change and grow, flexible assessment tools can easily be updated for emerging workforce knowledge needs. Other benefits include:

• Tracking Skill Development. Certain assessment tools can interface with learning management systems to track the development or maintenance of cyber skills over time. By linking tasks and detailed performance metrics directly to work role standards, skill assessments can give organizations detailed insights into the effectiveness of their workforce training strategies, and easily identify areas for growth at the individual development plan level. 
• Realistic, Engaging Learning Modality. High-fidelity skills assessments allow participants to solve problems and complete tasks in real time in a controlled environment. Cyber learners are provided with realistic stage-setting, exposure to meaningful examples, and experience working through authentic scenarios that emulate the challenges they will regularly face on the job.
• Team Training. In many cyber domains, the assessment of an entire team is as critical as the assessment of any one individual’s skills. The most vulnerable target at your organization isn’t a system or technology—it’s your people. Assessment tools can be outfitted both to identify existing skill gaps in team performance and to transfer critical new knowledge to work teams.

Lastly, it’s important to note that the design and implementation of effective assessment tools alone is not sufficient. The human resource professionals and cyber leaders using the assessments must fully understand how to properly administer them, how to appropriately grade them, and how to monitor and safeguard against unintentional adverse impact. Complementary expertise in designing and administering assessment programs for selection and training goes a long way toward effectively and legally achieving a broad range of talent advantages.

An Innovative Way to Overcome the Cyber Talent Gap

Cyber skills assessment offers a constructive approach for organizations confronted with the challenges of identifying technically capable candidates and maintaining the knowledge of their cyber workforce in real time. Assessment tools are not a cure-all for these very common cyber talent challenges, but when implemented thoughtfully, they help to manage them.

Booz Allen and our clients confront the challenge of the cyber labor shortage every day. We empathize with the cyber talent challenges facing public organizations because we’ve faced them ourselves and learned to overcome them through innovative talent practices and proven operational strategies.

For more information regarding your cyber workforce strategy, contact us.