Written by David Nesper, Managing Partner at Hula Partners
The Equifax data breach is a teachable moment if ever there was one.
Equifax said the attackers entered its system in mid-May through a vulnerability in the Apache Struts application that had a patch available in March 2017. In other words, the company had more than two months to fix a problem that would have protected the personal data of over 143 million people.
This mega-breach highlights one of the key challenges companies face today: a skills gap and a hyper-competitive talent war that makes finding and retaining top talent incredibly tough.
Salesforce’s recent State of IT report surveyed 2,263 full-time IT leaders around the world and found that high-performing IT teams represent only 15 percent of the overall business landscape. Nearly a full quarter are rated “underperformers.”
Clearly, Equifax fell into that category. A high functioning team would have recognized the potential liability and acted with urgency. But in an era when even companies like Facebook, Apple, Amazon, and Google often lose talent to younger tech companies like Airbnb and Lyft, how much of a fighting chance do non-tech legacy players like Equifax have for securing the kind of talent that might have been more on top of things?
What Can Be Done
Research firm L2 took a data-driven approach to honing in on the strategies that companies use to successfully lure tech talent away from tech companies. Opening an office close to a tech hub, for example, is very effective. Another strategy that works well, the firm reported, is offering executive-level titles and perks to senior players who want more than a lateral move. L’Oréal, for example, successfully recruited its chief digital officer away from Instagram by offering her a seat on its executive committee.
Wages are another area that could probably benefit from some corporate self reflection. After all, in an era when employee salaries have remained stagnant, how reasonable is it to expect employees’ skill sets to keep growing?
This extends into training too. In its 2017 What Workers Want report, recruiting firm Hays found a strong desire for more training among IT professionals — many of whom are self-taught — but also found a notable mismatch between the types of training IT professionals want and what they actually get.
The Legacy Tech Has to Go Too
Even hiring top talent and offering them all the training in the world won’t prevent another Equifax-like incident without a significant investment in technology itself.
A recent survey of over a thousand IT decision makers by Riverbed Technology found the vast majority feel legacy infrastructures are holding their companies back. 93 percent of IT decision makers aid legacy networking tech causes cloud-related network problems at least once a month.
The Ponemon Institute — a think tank that focuses on data protection — found that 94 percent of enterprise IT decision makers still use a traditional network firewall and only 44 percent believe their organization has the ability to protect their network from potential attacks.
Bringing It All Home
The legacy tech problem connects up with the recruiting problem. When a prospective employee finds out an employer is using software built during the Reagan administration, how excited is she going to feel? Great tech workers want their skills to stay relevant. To attract and keep them, the technology has to be relevant too.
The general sophistication of consumer tech, of course, is a driving force here as well. Salesforce found 71 percent of employees want companies to provide the same level of technology as they use in their personal lives. The consumerization of IT trend is very real.
It says a lot that high-performing IT teams (which, again, are only 15 percent) are nearly three times more likely to make employee experience projects a priority. Airbnb, for example, recently changed the title of Chief Human Resource Officer to Chief Employee Experience Officer—a sign that the company is starting to reframe its own workforce as an audience with high expectations versus a pool of talent merely to be used.
So, in the wake of Equifax, maybe a little less talk about the “skills gap” might actually be a good thing. The skills gap is often discussed as if it’s a structural flaw in the workforce — some failure on the part of the masses to achieve full potential.
In fact, maybe the skills gap is really a spending gap. To get better performing teams and prevent more mega-breaches, maybe more companies need to start giving employees more of what they need: higher salaries, bigger investments in training, and the up-to-date technology that will let them do their jobs.