Information Systems Security Association (ISSA) and Enterprise Strategy Group (ESG), an independent industry analyst firm, have published their fourth annual worldwide report on the availability of skilled cybersecurity personnel.
For the fourth year running, it reports an increase in the proportion of organisations affected by the lack of cybersecurity talent, rising from 45% a few years ago to 70% now.
The main consequences of this shortage include unfilled vacant positions, a greater burden on existing employees, and a lack of ability when it comes to fully exploiting cybersecurity technology. These inevitably led to organisations not being as protected as they should be.
When looking at the root causes for the shortage, the study’s authors point to the lack of a well-defined and globally recognised pathway into the profession. A well-established career path is also lacking, with current cybersecurity experts working it out on a case-by-case basis.
The study also points to a need for companies to look at cybersecurity talent as a long-term concern. A majority of respondents highlighted the importance of hands-on experience, but this of course means that someone first needs a job, creating a situation a little like the chicken and the egg. What’s more, 39% of respondents believed that it takes three to five years to develop a good proficiency in cybersecurity, while 18% are of the opinion that it takes even longer than this. This implies that organisations should ideally be recruiting to fulfil their needs years in advance, with recruits being regarded more a long-term investments than quick fixes.
ESG Fellow and senior principal analyst Jon Oltsik said about the situation:
"As this and past reports clearly indicate, key constituents are not looking at the profession strategically. While we are making some fragmented progress, the same issues present themselves year after year, including a shortage of skills, under-trained employees, and the stress and strain caused by a career in the cybersecurity field. These disturbing trends should be of concern to corporate directors and business executives, particularly in light of the alarming findings this year that 67 percent of respondents believe that cyber-adversaries have a big advantage over cyber-defenders."
The shortage of cybersecurity talent has been an ongoing issue for years, with the growth in demand outpacing the effect the various initiatives have had on attracting more people to the field. There is another way, however, because not every organisation needs to have its own team of cybersecurity professionals.
At Pro-Networks, we can manage your systems for you with our managed IT support services. For example, we can put together a package of technology and other measures to ensure your organisation is protected from the threats it faces while also respecting your budget. We can also use remote monitoring and management tools to look after your network, patching systems where needed and correcting any issues that arise before they become a problem, as well as advise you on cloud integration and data backups and recovery.