W E L C O M E  T O

TALENT MANAGEMENT

INCREASINGLY CHALLENGING ENDEAVOR FOR ALL ORGANISATIONS.

REGULATORY DEMANDS AND INCREASING COMPLEXITY

Regulatory demands and increasing complexity have placed steadily growing requirements on the Security & Risk Management Functions and the individuals within it. The rising complexity has not only aggravated the Detection & Control of Risks but also increased the damage in case it materializes.

CURRENT CYBER SECURITY, RISK & CONTROL FUNCTIONS REQUIREMENTS

Current Cyber Security, Risk & Control Functions require not only employees with Technical Skills but also staff who are creative, assertive, and flexible in fast changing business environments. In addition to individual Talent Management, which attracts and develops individuals, collective Talent Management ensures that an appropriate balance of talented people cooperate in the best way to realize effective Security & Risk Management.

REVITALIZING
TALENT-MANAGEMENT
CAPABILITIES IN CYBER
SECURITY, RISK &
CONTROL FUNCTIONS

Addressing the Neglected Priority for a Resilient and Agile Defense

The build-up of Talent-Management Capabilities within Cyber Security, Risk & Control Functions has often struggled to keep pace with the new demands. Despite the growing importance of these functions, there has been a misperception that enterprise value is only generated by the revenue-generating front line, neglecting the contribution of Security & Risk Functions in preventing losses. As a result, there has been a stronger emphasis on Talent-Management Initiatives & Capabilities in frontline departments, while the development of talent in Security, Risk & Control Functions has been overlooked.

Recent Regulatory & Compliance changes have demanded high levels of Senior-Management attention and often shift the focus away from longer-term topics, such as setting an agenda focused on Strategic Talent & People. Hence, strengthening the Talent in the Security, Risk & Control Functions has not been sufficiently in focus in recent years. Consequently, this is now a priority to ensure that Cyber Security, Risk & Control functions can cope with the more challenging and ever-changing environment as well as oversee and challenge the front line.
Talent Management within Security & Risk Functions is perceived as an important issue by most companies. However, our findings reveal that in reality only a small minority of companies are close to realizing the ambition to conduct meaningful and effective Talent Programs in their Cyber Security & Risk Functions. Although some Larger Corporates have launched Dedicated Initiatives and started to put Talent Management in the spotlight, many companies are mostly lagging behind recommended practices and selectively have not focused on Talent Management at all in recent years.
Banks and corporates alike need to strategically rethink their People-Management Approach in the Cyber Security & Risk Functions in order to enable sustainable change. For many companies there are several immediate important moves, including the following:
  • Define Target Requirements on collective Talent Management for the Cyber Security & Risk Function. Individual-Talent-Management Needs can be derived on this basis.
  • Perform an appropriate diagnostic along Major Talent-Management Dimensions to compare the company’s Talent-Management Capabilities with Industry Best Practices and the Company’s Own Target.
  • Perform a bottom-up transparency screening of the current workforce to Identify Patterns as well as Talent & Skill Gaps and to compare with Self-Defined Requirements.

HOWEVER, OUR FINDINGS REVEAL

In reality only a small minority of companies are close to realizing the ambition to conduct meaningful and effective Talent Programs in their Cyber Security & Risk Functions. Although some Larger Corporates have launched Dedicated Initiatives and started to put Talent Management in the spotlight, many companies are mostly lagging behind recommended practices and selectively have not focused on Talent Management at all in recent years.

TALENT MANAGEMENT WITHIN SECURITY & RISK FUNCTIONS

AN IMPORTANT ISSUE TO MOST COMPANIES

STRATEGIC TALENT MANAGEMENT INITIATIVES

INDIVIDUAL AND COLLECTIVE

Several widely accepted and applicable Strategic Talent-Management Initiatives need to be embraced by Cyber Security & Risk Functions. The first few Initiatives focus primarily on enhancing Individual-Talent-Management Capabilities, while the last Initiative, targets mainly Collective Talent Management.

ATTRACT & RECRUIT TALENTED EMPLOYEES

TRAIN & DEVELOP EMPLOYEES

TURN EMPLOYEES INTO WELL-ROUNDED & CAPABLE LEADERS

REWARD EMPLOYEES MORE EFFECTIVELY

OTHER MANAGEMENT APPROACHES

Banks and corporates alike need to strategically rethink their People-Management Approach in the Cyber Security & Risk Functions in order to enable sustainable change. For many companies there are several immediate important moves, including the following:

DEFINE TARGET REQUIREMENTS

Define Target Requirements on collective Talent Management for the Cyber Security & Risk Function; individual-Talent-Management Needs can be derived on this basis.

MAJOR TALENT DIAGNOSTICS

Perform an appropriate diagnostic along Major Talent-Management Dimensions to compare the company’s Talent-Management Capabilities with Industry Best Practices and the Company’s Own Target.

BOTTOM-UP APPROACH

Perform a bottom-up transparency screening of the current workforce to Identify Patterns as well as Talent & Skill Gaps and to compare with Self-Defined Requirements.