{"id":186782,"date":"2026-02-12T13:00:00","date_gmt":"2026-02-12T18:00:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/12\/cybersecuritys-broken-hiring-process\/"},"modified":"2026-02-12T13:05:09","modified_gmt":"2026-02-12T18:05:09","slug":"cybersecuritys-broken-hiring-process","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/12\/cybersecuritys-broken-hiring-process\/","title":{"rendered":"Cybersecurity’s Broken Hiring Process"},"content":{"rendered":"

Cybersecurity’s Broken Hiring Process<\/a><\/p>\n

https:\/\/www.linkedin.com\/pulse\/cybersecuritys-broken-hiring-process-cisoseries-5fzsc<\/a><\/p>\n

Publish Date: 2026-02-12 13:00:00<\/a><\/p>\n

Source Domain: www.linkedin.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

Something is wrong with the math in the cybersecurity job market. If there are “millions” of unfilled jobs out there, why are so many job seekers struggling to even book an interview?<\/p>\n

Check out this post by <\/p>\n

Dr. Chase Cunningham<\/p>\n

, CSO at
\n Demo-Force.com
\n , for the discussion that is the basis of our conversation on this week\u2019s episode, co-hosted by me, <\/p>\n

David Spark<\/p>\n

, the producer of CISO Series, and <\/p>\n

Geoff Belknap<\/p>\n

. Joining us is <\/p>\n

Brett Conlon<\/p>\n

, CISO,
\n American Century Investments
\n . Thanks to our podcast sponsor,
\n Scanner
\n .<\/p>\n

The experience paradox<\/p>\n

Getting into cybersecurity has become a problem that higher education seems unable to address. <\/p>\n

Nick Chadwick<\/p>\n

of
\n NT Concepts
\n described his own path: “I didn’t even get into cybersecurity roles until I was 5-8 years deep in enterprise and edge IT, and then they were just additional duties on my normal job.” That was 20 years ago. Today, he asked, “How can someone perform cybersecurity primary roles if they don’t have deep hands-on exposure to enterprise IT?” Hand wringing about talent shortages isn’t new, as <\/p>\n

Rob Slade<\/p>\n

of
\n ISC2
\n reminded, “Forty-five years ago, when I joined the IT job market, there were articles (from companies) bewailing the lack of IT talent. Forty years ago, when I joined the security job market, there were articles bewailing the lack of security talent.” For the last thirty years, while teaching IT and security talent, “there have never been recruiters beating down the doors. And yet, the articles bewailing the lack of talent have continued. Either the articles are lying, or this ‘supply and demand’ thing that the economists seem to think is important, is, in fact, nonsense.”<\/p>\n

Who benefits from the narrative?<\/p>\n

The talent shortage story isn’t coming out of a vacuum. It serves specific institutional interests, hiding dysfunctional hiring practices. <\/p>\n

Laura Kenner<\/p>\n

of
\n Bootstrap Cyber Community
\n pointed to who profits from perpetuating the shortage narrative, saying, “It’s the colleges and certification programs perpetuating this lie because it adds to their bottom line.” Companies want someone with 10 years of experience, expect them to be a jack-of-all-trades, but pay entry-level wages. “Candidates are coming out of schools and cert programs in droves, ready to work,” she emphasized. “The next generation of cyber professionals will be built in the workplace!” <\/p>\n

Andrew Robinson FREC<\/p>\n

of
\n Securiti
\n highlighted how internal processes compound the problem. He described a portfolio client whose pre-IPO hiring involved two or three interviews maximum with direct C-suite engagement. Once they reached $4 billion in revenue, “it was death by interview. 15+ wasn’t uncommon, and in the worst case, an 11-month process.” Companies try to reduce hiring costs, he noted, but many of their processes are broken and not fit for purpose.<\/p>\n

Kitchen sink job postings<\/p>\n

Market dynamics have given employers leeway to make unrealistic demands. “With thousands of highly experienced folks suddenly kicked to the curb, employers know they can ask for whatever they want under whatever title they want to use for their vacancy\u2014and pay less than they ever thought they could get away with paying,” said <\/p>\n

Arun Acharya<\/p>\n

. “Not so long ago, there was the phenomenon of the ‘kitchen sink’ resume. Now there is the new phenomenon of ‘kitchen sink’ job posting.” <\/p>\n

Ronald Sweatland<\/p>\n

of
\n Orcannus Cyber Security
\n emphasized that it’s not uncommon to see postings requiring a PhD in Cybersecurity along with every certification imaginable. “While these credentials may look impressive on paper, such expectations are often impractical,” he explained. “Organizations would benefit far more from professionals with hands-on experience and real-world problem-solving skills\u2014individuals who have faced and mitigated threats in live environments\u2014rather than those who have only accumulated theoretical knowledge and certifications.”<\/p>\n

The aggregation problem<\/p>\n

Part of this hiring story is that cybersecurity isn’t a one-size-fits-all industry. “I think there’s a disconnect here,” said <\/p>\n

\ud83d\udc68\ud83d\udcbb Steve Pangborn<\/p>\n

of
\n Onsite Logic
\n . “‘Cybersecurity’ isn’t a single discipline: it’s a whole ecosystem of roles: architecture, forensics, governance, detection, policy, data protection, and more. We often refer to a generic ‘cyber talent gap’ as if one person could fill all of that.” The path forward requires specificity rather than broad generalizations. “The truth is, we need to start defining what kind of talent is missing, and where, before we can effectively address the issue,” he emphasized.<\/p>\n

Please listen to the full episode on your favorite podcast app, or over on our blog, where you can read the full transcript. If you\u2019re not already subscribed to the Defense in Depth podcast, please go ahead and subscribe now. Listen to the full episode here.<\/p>\n

Thanks to our podcast sponsor, Scanner<\/p>\n

Subscribe to Defense in Depth podcast<\/p>\n

Please subscribe via Apple Podcasts, Spotify, YouTube Music, Amazon Music, Pocket Casts, RSS, or just type “Defense in Depth” into your favorite podcast app.<\/p>\n

Join us next week, Friday [02-20-26], for “Hacking the Future of Log Data”<\/p>\n

Join us Friday, February 20, 2026, for\u00a0\u201cHacking the Future of Log Data: An hour of critical thinking about why your traditional SIEM is telling only a fraction of the story.\u201d<\/p>\n

It all begins at 1 PM ET\/10 AM PT next Friday with guests <\/p>\n

tim leehealey<\/p>\n

, vp of corporate strategy and operations,
\n Strike48
\n , and <\/p>\n

Nick Falzarano<\/p>\n

, director, information security,
\n TE Connectivity
\n .\u00a0We’ll have fun conversation and games, plus at the end of the hour we’ll do our meetup.<\/p>\n

Thanks to our Super Cyber Friday sponsor, Strike48<\/p>\n

PREVIEW: CISO Series Podcast LIVE in Orlando, FL 3-6-26<\/p>\n

CISO Series Podcast will be making like snowbirds to Orlando, Florida, recording an episode at Zero Trust World 2026. <\/p>\n

Michelle Wilson<\/p>\n

, CISO,
\n Movement Mortgage
\n , and <\/p>\n

Rob Allen<\/p>\n

, chief product officer,
\n ThreatLocker
\n will be joining us on stage for the recording.<\/p>\n

Register to attend here, and use coupon code ZTWCISOSERIES26 to get $200 off your ticket.<\/p>\n

Thanks to our sponsor, ThreatLocker<\/p>\n

Cybersecurity Headlines – Department of Know<\/p>\n

Our LIVE stream of The Department of Know happens every Monday at 4 PM ET \/ 1 PM PT with CISO Series producer <\/p>\n

Richard Stroffolino<\/p>\n

, and a panel of security pros. Each week, we bring you the cybersecurity stories that actually matter, and the conversations you\u2019ll be having at work all week long.<\/p>\n

Monday\u2019s episode featured
\n Chris R.
\n , field CTO,
\n GigaOm
\n , and <\/p>\n

Nick Ryan<\/p>\n

, former BISO. Missed it? Watch the replay on YouTube and catch up on what\u2019s shaping the week in security.<\/p>\n

Thanks to our Cybersecurity Headlines sponsor, ThreatLocker<\/p>\n

Join CISO Series Podcast live at ThreatLocker’s Zero Trust World 2026, March 4-6th, 2026 in Orlando, FL. Use coupon code ZTWCISOSERIES26 to get $200 off your ticket.<\/p>\n

Jump in on these conversations<\/p>\n

\u201cNotepad++ Hijacked by State-Sponsored Hackers\u201d (More here)
\n \u201cWaPo Raid Is a Frightening Reminder: Turn Off Your Phone\u2019s Biometrics Now\u201d\u00a0(More here)
\n \u201cRussian hackers exploit recently patched Microsoft Office bug in attacks\u201d\u00a0(More here)<\/p>\n

Thank you for supporting CISO Series and all our programming<\/p>\n

We love all kinds of support: listening, watching, contributions, What’s Worse?! scenarios, telling your friends, sharing in social media, and most of all we love our sponsors!<\/p>\n

Everything is available at\u00a0cisoseries.com.<\/p>\n

Interested in sponsorship,\u00a0contact me,\u00a0David Spark.<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Cybersecurity’s Broken Hiring Process https:\/\/www.linkedin.com\/pulse\/cybersecuritys-broken-hiring-process-cisoseries-5fzsc Publish Date: 2026-02-12 13:00:00 Source Domain: www.linkedin.com Author: Using an…<\/p>\n","protected":false},"author":1,"featured_media":186783,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/media.licdn.com\/dms\/image\/v2\/D5612AQFAaTm3PFzmHg\/article-cover_image-shrink_720_1280\/B56ZwwUh7JHYAI-\/0\/1770337217059?e=2147483647&v=beta&t=ieBjeu9xbT3NVXDkLUFLxGJ2H_zWMi4Ls_4cdpG2yJQ","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,31],"class_list":["post-186782","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-exploit"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/186782"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=186782"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/186782\/revisions"}],"predecessor-version":[{"id":186784,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/186782\/revisions\/186784"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/186783"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=186782"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=186782"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=186782"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}