Cyber teams

10 min read

5 steps to implement cybersecurity reskilling (& close talent gaps)

Cybersecurity leaders can reskill their existing talent into security roles to close skill gaps, retain their best employees, and develop a culture of learning.

Mags22 avatar

Mar 27

CISOs, managers, and team leaders are under immense pressure to adapt and innovate. They're tasked with finding creative solutions to the ongoing talent shortages that plague the industry.

Amidst these challenges lies a golden opportunity: reskilling initiatives. 

Reskilling is about tapping into existing talent within your organization and building formidable cybersecurity professionals from the ground up. 

Not only does reskilling help combat cybersecurity talent shortages, but it also keeps teams engaged, retains people you know and trust, offers new career opportunities, and develops a culture of learning within an organization.

The result? A better security posture for your company and a cybersecurity team that’s constantly adapting to threats.

Upskilling vs. reskilling: what’s the difference?

the difference between upskilling and reskilling

Upskilling and reskilling your team members both help to retain employees, shrink skills gaps, and attract new talent to your organization.

However, there is a difference between the two, especially when it comes to desired outcomes. 

Upskilling = linear career progression

💡An employee undertakes continuous learning to expand their existing skill set and fill any knowledge gaps.

💭Example: You benchmark the skills of your SOC analyst and discover that they are weak in cloud security. So, you provide them with upskilling opportunities in the cloud, enabling them to excel in their role while bolstering your organization’s security. 

🎯Outcome: The employee has enhanced job performance and advances in their career. This leads to increased retention and engagement, with the chance to attract more talent through upskilling initiatives. 

Reskilling = lateral movement to new roles

💡An employee learns new skills outside of their current job role and responsibilities. 

💭Example: A developer on your team shows an interest in learning more about secure coding practices to help improve application security. This could translate into them eventually joining your security team. 

🎯Outcome: The employee learns an entirely new skill set and transitions into a new role, helping to close skill gaps and reduce talent shortages. This leads to increased loyalty to your organization as you offer employees opportunities to grow into and out of their roles. 

The benefits of reskilling 

Reskilling enables organizations to fill talent shortages with existing employees. It’s a win-win as 75% of professionals we surveyed prioritize learning new skills over earning higher salaries, meaning reskilling benefits both employees and organizations.

Reskilling an existing IT employee into a cybersecurity role, for example, will often cost a fraction of the price of hiring from the market. Research shows that businesses can save up to £49,100 per reskilled worker when nurturing existing talent rather than hiring externally.

And the savings will only continue as your security posture improves with a growing security team. Employees will want to stay with your organization as you offer them opportunities to shape their careers in ways that are most meaningful for them. 

This hugely boosts retention and keeps employees loyal, maintaining a strong team you trust and can depend on. 

Reskilling embeds a culture of lifelong learning into your organization, helping with recruitment, retention, and internal rotation of roles. 

5 steps to reskill teams into cybersecurity roles

5 steps to reskill into cyber

Benchmark the skills of your existing employees before initiating any reskilling program. You can do this by conducting an event such as Capture the Flag (CTF). 

CTFs are gamified competitive cybersecurity events that are based on different challenges or aspects of information security. They’ll help your teams identify where specific skill and talent gaps lie. 

At Hack The Box, we map these skills to industry frameworks including NIST/NICE and MITRE ATT&CK. This means you can forecast skill shortages that are mapped to specific job roles.

Identify skill gaps with CTF results. Taken from our Cyber attack readiness report.

It’s also worth paying attention to trends when it comes to cybersecurity skills in demand. 

For example, our report on developing the modern SOC analyst found that the following were considered the most important knowledge domains for analysts:

  • Incident handling processes.

  • Network traffic analysis. 

  • Server log analysis for Windows and Linux. 

We also found that over 40% of professionals believe that cloud security skills will be a key priority for analysts over the next five years.

By focusing on the biggest areas of weakness in cybersecurity, you’ll be able to pinpoint which potential roles require the most reskilling.

2. Identify existing talent 

Job roles that can reskill into cyber

You can now identify existing employees who are interested in pursuing a career in cybersecurity or possess transferable skills. 

However, this doesn’t always mean that the skills must be technical. Don’t dismiss individuals who lack technical skills as these can be taught with hands-on upskilling. Look for problem-solving abilities, attention to detail, and a passion for staying updated on technology trends and the latest cybersecurity threats.

Some common occupations that transition into cybersecurity include: 

  • IT product support.

  • IT engineers.

  • Developers.

  • UI/UX design.

  • Forecasting and strategic planning.

  • Accounting.

Encourage all employees to explore areas that interest them, even if those areas of interest stretch beyond their current job role.  

You can encourage employees  to pursue a new venture in cybersecurity by sharing the following benefits: 

  • Job security and career advancement: all industries require cybersecurity professionals and many are lacking talent. This makes for a fantastic opportunity for employees to advance their careers further in a field that needs them more than ever. 

  • Lucrative rewards: compensation, work-life benefits, and upskilling opportunities are significant in the cybersecurity industry, making this a key case for reskilling.

  • Life-long learning: being a hugely challenging, dynamic, and stimulating industry, cybersecurity can be a tempting career for those employees with a growth mindset. 

Cybersecurity is becoming less of a gatekept industry. Many of today’s organizations follow a more creative approach to hiring

For example, more value is placed on practical skills over certain degrees or certifications. This enables individuals who may have less experience to gain entry-level roles. It also helps reskill existing employees into entry-level cybersecurity positions

Hack The Box offered us the opportunity to post jobs directly to a community of hackers. 


We got access to profiles that are non-traditional, this broadens your perspective and opens up a whole new addressable market of skilled candidates. 


Filtering by rank provided an indication of capability. It’s how we found Josiah, who was working in a Blue Team role at the time. His profile likely wouldn’t have reached us via a recruiting agency because it did not meet the typical criteria. 


Not only did we unearth a real gem in Josiah—who went on to become a great asset to the company and is continuing to go from strength to strength in his career—we also saved around 8,000 GBP in potential agency recruitment fees for hiring someone with Josiah’s capabilities.


Tom Williams, the former Principal Consultant at Context Information Security, shares his experience on hiring non-traditionally.

Professionals with diverse backgrounds that have technical, and non-cyber experience are great candidates for cybersecurity positions. IT and development talent is proving to be a new route into the industry. 

By facilitating new methods of gaining a foothold in cybersecurity and reskilling on the job, you’re not only reducing the talent shortage but making cybersecurity a more attractive career to pursue within your organization.

Reskill into cybersecurity

Why choose HTB Senior Web Penetration Tester job role path?

  • Reskilling opportunities: featuring black box AND white box techniques, companies can reskill developers and IT roles to cybersecurity by adopting a risk mitigation mindset.

  • Highly hands-on: teams conduct advanced web penetration tests, encompassing both white box and black box approaches on multiple real-world applications.

  • Stand out with unique skills: HTB is recognized for content that builds creativity, in-depth knowledge, and outside-of-the-box thinking required for real-world incidents.


Establishing a mentorship program is a proven formula to help reskill employees in the cybersecurity field. A seasoned security mentor can offer career direction, share knowledge, and help foster new connections. 

This also provides benefits to the mentor, enabling them to grow their leadership and training skills. 

Mentorship can even support existing cybersecurity professionals looking to reskill into specialist domains. 

For example, a SOC analyst might mentor a penetration tester, teaching them how to defend Active Directory (AD) against common vulnerabilities, for instance. 

This purple team training may look like this:

An organization could perform an exercise where the red team begins an Active Directory related attack within the internal network to see at what threshold the attack tactics are discovered and even blocked. 


Once discovered, the red team can move on to attack a different portion of the network, trying to remain as stealthy as possible until the blue team discovers them once again (or not at all). 


Afterward, the purple team would facilitate knowledge sharing between the red and blue teams. This way, the red team will be able to adjust their techniques to attempt to better evade detection during future exercises.


Ben Rollin (mrb3n), Head of Information Security at Hack The Box

Our Sherlocks Labs facilitate purple team upskilling with defensive and offensive versions of Machines for the full 360 learning experience:




There’s been a potential security breach within Forela's internal network. It’s your job to investigate, putting your digital forensics and network security skills to the test.


Exploit an unauthenticated arbitrary file read vulnerability, gaining full administrative access to the machine.


A critical alert has been raised over a newly implemented Apache Superset setup. You need to investigate and confirm the presence of any compromise.


Test your web application skills as you attempt to exploit a vulnerability in Apache Superset.


You have been tasked with the analysis of artifacts from a potentially compromised GitLab server.


Explore how you can exploit and gain a foothold in a GitLab server.

By encouraging mentorship for employees looking to reskill in cybersecurity, you’ll cultivate a supportive environment where teams feel empowered to seek guidance to advance their careers. 

The result? More engaged employees, a stronger cybersecurity team, and reduced levels of risk.

Reskill for the future of cybersecurity

Reskilling not only saves time and money in the hiring process but also creates cybersecurity professionals who are passionate and loyal to their organizations. 

Why not launch your own reskilling initiative? Hack The Box can help with our beginner-friendly content, defined job role paths, and certifications on Academy. 

Starting role

HTB certification training

Reskilled role

IT support