fbpx
THE SHORTAGE OF CYBERSECURITY TALENT IS GETTING WORSE
 
2020 has been a challenging year on various fronts. Among those challenges are cyber threats across all industries. Cyberattacks increased during the pandemic response and workforce shift. Research, hospital systems and healthcare industries endured severe cyberattacks, resulting in breaches, ransomware and outages – and the threats show no signs of slowing down.
 
 
Companies from different industries are expected to keep their customers’ data safe and secure, but the growing shortage of qualified cybersecurity professionals is making it difficult to do that. It’s estimated that the number of unfilled cybersecurity positions will grow to a staggering 3.5 million by 2021, from 1 million in 2016.
  • 74 percent of respondents to the ESG/ISSA research report say that their firms are being affected by the shortage. This number, by the way, has crept up from 70 percent last year.
  • Just over 2 job postings for every 1 available cybersecurity professional in US.
  • By 2021, the global loss caused by cyber crime will reach 6 trillion US dollars, double the 3 trillion US dollars in 2015. This includes data corruption, theft of funds, loss of productivity, theft of intellectual property, theft of personal and financial data, embezzlement of public funds, fraud, post-attack damage to normal business processes, forensic investigations, recovery and detection of hacked data and systems, and reputation damage.

A PwC Report also states that:

  • The irony is that security has never been more important in a world of mass remote working and digital transformation. Over half (56%) of respondents to the study said their organizations are at risk due to cybersecurity staff shortages.
  • Cloud security is the most in-demand skillset, with 40% of respondents stating they plan to develop it over the next two years.
  • Interestingly, only half (49%) of those working in the industry actually have degrees in computer and information sciences, highlighting the importance of employers looking outside the sector to find fresh blood.

(ISC)2 Report also has pointed out that :

  • The interviewees were mostly concerned about the shortage of senior/experienced cybersecurity talents.
  • Companies should pay attention to new employees who have just joined, especially those who are new graduates or those who have just started a cybersecurity career. Moreover, companies should also determine the job requirements and certifications to be obtained according to the job level “reasonable” because cybersecurity personnel often complain that the “entry-level” position that requires a lot of experience and qualifications.

Forbes also reports that:

  • The overall talent market has a noticeable shortage of advanced cybersecurity skills, and there are not enough resources across the board. It is an arduous task to
  • find an experienced Security Analyst, Threat Researcher, Security Architect, Security Analyst or a Cloud Security Architect; it will typically take several months of searching and investment to fill positions like these.
  • Businesses must defend against threats in real-time, so they should recruit for a 24x7x365 cybersecurity team – adding a layer of difficulty to the hiring process. Cybercriminals do not take a break on weekends, nights or even Christmas Eve, and filling positions with a work schedule across all hours of the day, weekends and holidays is incredibly challenging.
  • Existing cybersecurity staff is overworked and not set up for 24x7x365 incoming threats.
  • Inexperienced professionals are being asked to deliver on advanced security requirements.
  • Team and business are dependent on technology-based solutions without the expertise to manage them properly
The primary ramifications of the skills shortage include an increasing workload on the existing cybersecurity staff, long-standing open jobs, an increase in hiring and training junior personnel, and an inability to learn or utilize security technologies to their full potential. This last implication is somewhat ironic. We are so busy putting out cybersecurity fires that we haven’t taken the time to learn how to properly use the hoses.
 
I have tried my best to collect the important pieces on this very important topic. Please let me know of what do you think about this in the comment section.
 
 

This Article Was Written & published by Meena R,  Senior Manager - IT, at Luminis Consulting Services Pvt. Ltd, India. 

Over the past 16 years, Meena has built a following of IT professionals, particularly in Cybersecurity, Cisco Technologies, and Networking...

She is so obsessed with Cybersecurity domain that she is going out of her way and sharing hugely valuable posts and writings about Cybersecurity on website, and social media platforms. 

34,000+ professionals are following her on Facebook and mesmerized by the quality of content of her posts on Facebook. 

If you haven't yet been touched by her enthusiastic work of sharing quality info about Cybersecurity, then you can follow her on Facebook:

Click Here to follow her: Cybersecurity PRISM