“He’d been in the same role for almost three years, and he’s that sort of individual that doesn’t complain and always delivers,” Chapman explains. “Under the radar, he was upskilling himself on his own; he’s a hungry individual who wants to learn. Although he’s in a SOC role, he’s looking at more threat hunting and purple teaming. But no one had ever asked him what direction he wanted to go in, or what sort of occasions he was eyeing up, or what technology he wanted to explore or get exposure to. So, when we called, he was all ears. He told me that he didn’t know that he was allowed to ask.”
Chapman points out that many cyber professionals are problem-solvers first and career planners second, which is why regular career conversations are essential. “If you’re not having regular, proactive conversations about growth and motivation, you’re leaving the door wide open for attrition,” he warned.
Build teams from within
Recruiting talent from within the business and training existing employees, even those traditional IT roles, is what helped another CISO, Chapman shares. “I always ask CISOs, ‘Have you looked internally first?’” he says.
