The cybersecurity talent gap is pushing enterprises to rethink how they source and develop the next generation of security professionals as cyber threats intensify and AI transforms the risk landscape. Traditional hiring models are falling short, prompting organizations to seek unconventional talent pools — including gamers — to bridge critical workforce shortages.
As the cybersecurity conversation evolves, two priorities are rising to the forefront: the urgent demand for innovative workforce strategies and the accelerating need for AI-powered defenses. Faced with credential theft, data overexposure and mounting regulatory pressures, security leaders are turning to gamification and community-building as essential strategies for resilience in an increasingly hostile digital world, according to Matt Radolec (pictured), vice president of incident response, cloud operations and SE EU at Varonis Systems Inc.
Varonis’ Matt Radolec talks to theCUBE about the cybersecurity talent gap.
“My keynote last year was on reducing the blast radius of AI, really drawing to the fact that a lot of people don’t really realize how much data AI can access, and it’s a lot more than you might realize. That’s kind of the premise of AI is if you get data security, there’s a lot of benefits, but if you get it wrong, there’s a lot of risk,” Radolec said. “This year, I’m going in a completely different direction. I really feel that gamers are the most untapped talent pool in the workforce and are ripe for cybersecurity.”
Radolec spoke with theCUBE’s Jackie McGuire at the RSAC 2025 Conference, during an exclusive broadcast on theCUBE, News Media’s livestreaming studio. They discussed how the cybersecurity industry is turning to unconventional talent sources such as gamers and adopting gamified career development to address the cybersecurity talent gap, while simultaneously evolving its defenses to counter AI-driven threats and credential-based attacks. (* Disclosure below.)
Building cybersecurity talent gap solutions through unconventional strategies
Gamers offer a promising answer to the cybersecurity talent shortage, combining a natural affinity for strategy, adaptability and collaboration. Companies that recognize and cultivate these skills can build resilient security teams faster and more effectively than through traditional hiring pipelines, according to Radolec.
“One is gamers love to strategize, they want to come up with a plan to take down the boss, and they’re also really adaptable,” he explained. “I think of shooting games, you have to be good with all the weapons. Or RPG games, you have to play the different classes. You are not always a healer or a tank or a damage dealer. There’s all these quests that you have to do, gamers also love this sense of achievement. As a leader, if you learn how to use those skills and that drive, you can really get a lot out of gamers.”
This approach does not end with recruiting. Organizations must also rethink professional development to resemble game-style progression, rewarding employees for learning new skills and completing challenges. By gamifying career advancement, companies can retain top performers and transform inexperienced recruits into cybersecurity leaders, Radolec stated.
“The talk is called From Gamer to Leader, and the principle here is that we as leaders have to create that skill gap, how to fill that skill gap,” he said. “It’s a lot, and I’ll use this analogy in my talk, if you play World of Warcraft or you’ve ever heard of an RPG game where as you level up, you get talent points to spend. You start as a lowly level mage that can cast basic spells, but at the end you can summon an elemental or something like that and you are adorned in fire the whole time. It takes a lot of questing and a lot of leveling up to get there.”
Beyond workforce development, the most immediate cyber threats are shifting as attackers increasingly exploit stolen credentials rather than launching complex breaches. Preventing insider-driven attacks, controlling cloud costs and defending against AI-driven threats are becoming central focuses for security leaders. Investing in both human and technological defenses — and ensuring they work together seamlessly — has never been more critical, according to Radolec.
“That’s the number one threat that people are facing, is that the impact of one user account getting compromised,” Radolec said. “Certain companies, you still need to worry about APTs and nation state actors. But the average company that comes to RSA, you need to be worried about password reuse. You need to be worried about how much someone can get to with a Copilot or an agentic AI in your environment. Focus on the things that are likely to happen and likely to be impactful because the regulators don’t care.”
Here’s the complete video interview, part of News’s and theCUBE’s coverage of the RSAC 2025 Conference event:
(* Disclosure: Varonis Systems Inc. sponsored this segment of theCUBE. Neither Varonis nor other sponsors have editorial control over content on theCUBE or News.)
Photo: News
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU
