There’s a short­age of cyber­se­cu­ri­ty experts. Three of my cur­rent cus­tomers are strug­gling with this, even at the CISO lev­el. You can see it by watch­ing how long the post­ings sit gath­er­ing dust on their job boards. I just came across a new report out that puts some num­bers on the prob­lem.

How will you fill these seats with cyber­se­cu­ri­ty experts?

Job mar­ket ana­lyt­ics firm Burn­ing Glass recent­ly exam­ined near­ly 40,000 online job sites and then issued this report: “Job Mar­ket Intel­li­gence: Cyber-Secu­ri­ty Jobs, 2015″.

Here’s one insight­ful stat:

Cyber-secu­ri­ty jobs account for 11% of all IT jobs, and they have grown three times faster than IT jobs over­all from 2010 through 2014.

You can get the entire report at the link above with­out hand­ing over your con­tact info. But while the report does a good job of quan­ti­fy­ing the prob­lem, I did­n’t see any good sug­ges­tions for deal­ing with it. So here’s an strat­e­gy that’s worked for me: Recruit from the IT ranks in your com­pa­ny.

Why? In most cas­es, back­fill­ing the IT job will take less time. And, you’ll have cyber­se­cu­ri­ty peo­ple who are famil­iar with your own IT prac­tices, not to men­tion they will bring their own infor­mal net­work of com­pa­ny con­tacts with them. It could be a great pro­fes­sion­al growth oppor­tu­ni­ty for the can­di­date, too.

A word of cau­tion: Before you start talk­ing seri­ous­ly with your inter­nal can­di­dates, be sure to work close­ly with their super­vi­sors so you don’t dam­age your own rela­tion­ships.

Have you tried this approach? How well did it work?