In my 21 years as an independent contractor in the security industry, I have seen hiring strategies evolve from traditional methods to the heavily outsourced model of today. In fact, I foresaw this shift back in 1996 when I witnessed the emergence of specialized demands within the industry. Today, many organizations are turning to freelance and temporary workers to address the growing cybersecurity skills gap.

The gig economy is not for everyone. It demands an entrepreneurial mindset, thick skin, a Rolodex of contacts, perseverance and, above all, family support. Like any other business, freelancers are responsible for acquiring their projects as well as back-office administrative work such as legal, accounting, procurement of office facilities and computer equipment, transportation, insurance and more. This is how an independent worker operates.

Freelancing is not ideal for those seeking a steady income, but many professionals are forced to freelance due to widespread furloughs and outsourcing of work to third parties. Others who have extensive experience in the industry may think of it as a grand opportunity to provide and deliver sorely needed wisdom and experience to organizations that lack these insights. The gig economy can also benefit millennials seeking to gain a foothold within an organization as well as mid-career professionals seeking job flexibility.

A Paradigm Shift for Hiring Managers

The gig economy grew out of the combination of digital platforms that leveraged underutilized assets. For example, key players in various industries, such as Uber and Airbnb, are tapping into underutilized human assets by using cloud technology. Companies from around the world, along with their consumers, have jumped into this phenomenon head-first, embracing the easy access and variety of choices available from their mobile devices. As a result, the gig economy has evolved from a business-to-consumer (B2C) to a business-to-business (B2B) industry.

Today, employers are in the midst of a paradigm shift from the traditional employee career path to a temporary on-demand model, which lowers costs and generates more competition for talent. This includes executive-level positions such as virtual chief information security officer (vCISO). These opportunities are often available in organizations that lack the internal expertise to augment the executive staffing requirements on a temporary or interim basis. They typically involve delivering a security program, developing and assessing the security posture, producing a road map to achieve maturity goals and conducting other CISO-related responsibilities.

The gig economy mentality also exists internally within many organizations. A CISO might offer freelance opportunities to current employees working in other areas of the business. For example, a network or application engineer may want to gain additional experience by participating in a security project. Likewise, a security application engineer may want to learn more about enterprise resource planning (ERP) systems by diving into mainframe applications such as common business-oriented language (COBOL).

According to Upwork’s “Freelancing in America 2017” report, 57.3 million people freelanced this year and contributed roughly $1.4 trillion to the U.S. economy, an increase of 30 percent since 2016. Security leaders must tap into this growing workforce to fill the expanding cybersecurity skills gap.

Advantages of Hiring Freelancers

There are many advantages to hiring freelance workers. Perhaps the most obvious is that employers are not required to pay taxes or insurance. Most independent contractors carry their own insurance and provide their own equipment. Other freelancers operate under an umbrella organization or staffing agency that provides such assurances.

Furthermore, freelancers are experienced and able to hit the ground running to deliver the skills necessary to complete the project at hand. Some temporary workers are even versatile enough to help with other projects within the enterprise.

One of the most appealing benefits of hiring freelancers is reduced overhead, which vastly improves the contractor’s experience and, in turn, the quality of the work. It also minimizes the need to screen employees for cultural fit.

Finally, freelancers are independent and thus more likely to dazzle with their experience and work ethic. These employees are the masters of their own destiny, so they are typically highly motivated to meet clients’ expectations and needs.

Closing the Cybersecurity Skills Gap

Despite the benefits described above, the transient nature of the gig economy could potentially create security risks. Freelancers often use their own equipment and mobile devices, which could introduce threats into the corporate environment. However, this also holds true for full-time employees working remotely or from personal devices, and security consultants who are responsible for protecting their own data are more likely to advocate and follow security best practices.

Today, the gig economy represents one of the best opportunities for security leaders to close the cybersecurity skills gap. Many seasoned freelance consultants see themselves as part of the businesses with which they work and identify with the values of those organizations. They are valuable resources capable of blending seamlessly into a wide variety of workplace cultures and working in tandem with full-time employees to best serve the organization’s security needs.

More from CISO

Poor Communication During a Data Breach Can Cost You — Here’s How to Avoid It

5 min read - No one needs to tell you that data breaches are costly. That data has been quantified and the numbers are staggering. In fact, the IBM Security Cost of a Data Breach estimates that the average cost of a data breach in 2022 was $4.35 million, with 83% of organizations experiencing one or more security incidents. But what’s talked about less often (and we think should be talked about more) is how communication — both good and bad — factors into…

5 min read

Ransomware Renaissance 2023: The Definitive Guide to Stay Safer

2 min read - Ransomware is experiencing a renaissance in 2023, with some cybersecurity firms reporting over 400 attacks in the month of March alone. And it shouldn’t be a surprise: the 2023 X-Force Threat Intelligence Index found backdoor deployments — malware providing remote access — as the top attacker action in 2022, and aptly predicted 2022’s backdoor failures would become 2023’s ransomware crisis. Compounding the problem is the industrialization of the cybercrime ecosystem, enabling adversaries to complete more attacks, faster. Over the last…

2 min read

Do You Really Need a CISO?

2 min read - Cybersecurity has never been more challenging or vital. Every organization needs strong leadership on cybersecurity policy, procurement and execution — such as a CISO, or chief information security officer. A CISO is a senior executive in charge of an organization’s information, cyber and technology security. CISOs need a complete understanding of cybersecurity as well as the business, the board, the C-suite and how to speak in the language of senior leadership. It’s a changing role in a changing world. But…

2 min read

What “Beginner” Skills do Security Leaders Need to Refresh?

4 min read - The chief information security officer (CISO) was once a highly technical role primarily focused on security. But now, the role is evolving. Modern security leaders must work across divisions to secure technology and help meet business objectives. To stay relevant, the CISO must have a broad range of skills to maintain adequate security and collaborate with teams of varying technical expertise. Learning is essential to simply keep pace in security. In a CISO Series podcast, Skillsoft CISO Okey Obudulu recently said,…

4 min read