Plugging the infosec skills gap with expensive consultants or by trying to hire already skilled people won't fix recruitment headaches, Thom Langford, CISO at Publicis Groupe, insisted at the #IRISSCERT conference in Dublin this week.
He argued that the industry should be looking for "passionate people and inspire them", rather than people with CVs ticking the appropriate boxes.
"I'm not asking for people to take chances, rather give people opportunities" by looking beyond qualifications and experience and thinking about potential.
"We need to stop looking only for round pegs to go into round holes," Langford said, adding that those with an IT background pick things up more quickly.
Lee Munson, senior associate for information security at Publicis Groupe, added that would-be infosec entrants should "demonstrate their passion" and the tech skills should follow naturally.
Another speaker was Christopher Boyd, an analyst at Malwarebytes. Boyd's degree was in fine art but the consequences of a friend becoming infected with malware prompted him to take down a hacker group and led him to become more and more involved in infosec.
Boyd is a seven-time Microsoft MVP in Consumer Security. ®