Every day, news stories, speeches, and vendor pitches lament our acute cybersecurity talent shortage, one that will take years to address. However, the shortage is largely self-inflicted, which means that CISOs can tackle it quickly by changing how they recruit, train, and retain people. CISOs want and need a team with competence in cybersecurity, but this can lead to missteps when seeking out these professionals. This report dissects the myths, misconceptions, and half-truths about cybersecurity staffing and outlines a more effective strategy for security leaders to develop a complete, competent security team.