Companies are struggling to find cybersecurity talent, and roles remain unfilled for months at a time. But is there really a lack of qualified candidates on the market? Is the problem with the lack of skills - or are we inadvertently limiting the talent pool before we even post the job spec?