[CSO] Research suggests cybersecurity skills shortage is getting worse

We have great expertise in supporting companies and candidates in their social recruiting and talent hunting journey, alleviating the “skill gap” issue. Our capabilities and our problem-solving approach are proven by the appreciation of so many customers. Let’s have a talk!

On this subject, here is an article about the cybersecurity skill gap: New data from reveals growing skills gaps that represent an existential threat. What should organizations do? 

Each year, ESG does an annual global survey on the state of IT — the business value of IT, new IT initiatives, areas of concern, etc. This year’s research is based upon a survey of 620 IT and cybersecurity professional across all industries, with respondents working in North America and Western Europe.

Research suggests cybersecurity skills shortage is getting worse

ESG asks respondents to identify areas in which they have a “problematic shortage” of skills on an annual basis. Once again in 2018, survey respondents say cybersecurity represents the biggest area where their organizations have a problematic shortage of cybersecurity skills. The #2 response was IT architecture/planning, and the #3 response was server/virtualization administration.

  • 2014: 23 percent of respondents claimed their organization had a problematic shortage of cybersecurity skills
  • 2015: 25 percent of respondents claimed their organization had a problematic shortage of cybersecurity skills
  • 2016: 46 percent of respondents claimed their organization had a problematic shortage of cybersecurity skills
  • 2017: 45 percent of respondents claimed their organization had a problematic shortage of cybersecurity skills
  • 2018: 51 percent of respondents claimed their organization had a problematic shortage of cybersecurity skills

Oh, and in each of those years, cybersecurity was consistently the largest problematic skills shortage area.

This data aligns with the results of the 2017 ESG research project with the information systems security association (ISSA). In the ESG/ISSA study, 70 percent of cybersecurity professionals claimed their organization was impacted by the cybersecurity skills shortage, with ramifications such as an increasing workload on cybersecurity staff, the need to hire and train junior personnel rather than experienced cybersec pros, and a situation where the cybersecurity team spends most of its time dealing with the emergency du jour, leaving little time for training, planning, strategy, etc. (Note: This report is available for free download here.)

Based upon ESG research, other industry research, and lots of discussions with CISOs and cybersecurity professionals, I can only conclude that the cybersecurity skills shortage is getting worse. Given the dangerous threat landscape and a relentless push toward digital transformation, this means the cybersecurity skills shortage represents an existential threat to developed nations that rely on technology as the backbone of their economy, critical infrastructure, and society at large.

How smart CISOs are dealing with the cybersecurity skills shortage

The cybersecurity skills shortage impacts organizations of all sizes, industries, and geographies. This means CISOs should consider the implications of the skills shortage in every decision they make. Smart CISOs are doing their best to cope with this situation by:

  1. Consolidating and integrating security technologies. This includes building an integrated security operations and analytics platform architecture (SOAPA) that lets them manage and utilize security technology holistically rather than on a tool-by-tool basis.
  2. Moving toward technologies with advanced analytics. Think of artificial intelligence and machine learning as a helper application that can accelerate security processes and make the staff more productive.

[to continue, click HERE]