Cyber Skills Gap Grows Along With Threats

Uploaded on 2017-04-21 in FREE TO VIEW, JOBS-Careers, NEWS-Newsletter Archive

A corporate job opening typically draws as many as 250 applicants with varying qualifications.

In stark contrast, a new survey of the growing cyber security skills gap reveals that just over half of US companies looking to fill corporate IT security positions receive five applications. Of those, fewer than one in four candidates possess the qualifications companies are seeking.

"As enterprises invest more resources to protect data, the challenge they face is finding top-flight security practitioners who have the skills needed to do the job," information security executive Christos Dimitriadis told the RSA security conference this week. "When positions go unfilled, organizations have a higher exposure to potential cyber-attacks."

Fifty-five percent of respondents to a cyber security skills survey said they place greatest emphasis on hands-on experience. Nevertheless, 25 percent said candidates lack technical skills. Hence, most recruiters emphasise performance-based certification and training over candidates with college degrees in cyber security.

More than two-thirds of respondents "view certifications as equally, if not more, important as formal education," according to the workforce study released this week by the cyber training and certification group ISACA.

Sensing an opportunity, companies such as IBM have moved to address the cyber security skills gap with automation tools based on its Watson cognitive computing platform. In one scenario, security teams dealing with hundreds of thousands of security events each day could hand off lesser threats to automated systems to reduce the amount of time wasted on false positives.

A new IBM research projects code-named Havyn based on a voice-powered security assistant leverages Watson conversation technology to respond to verbal commands and natural language from security analysts, the company said.

Indeed, cyber security organisations such as ISACA endorse the use of emerging cognitive tools as a way to close the cyber skills gap and address the more mundane but critical aspects of cyber-security. "Where security operational tasks can be automated, it can decrease the overall burden on staff and thereby help make best use of staff that an organisation already has," the study recommended.

It also recommended that companies take steps to retain and invest in its cyber defenders as demand for those talents increases in parallel with threats to corporate networks.

The urgency to retain cyber specialist was underscored by another finding:

Roughly one in four companies surveyed reported that the time to fill priority cyber-security and information security positions can be at least six months.

In Europe, almost one-third of cyber security job openings remain unfilled, the study found.

Another factor at work in the cyber realm is a phenomenon known as "security fatigue," defined as "weariness or reluctance to deal with computer security."
Hence, unremitting cyber-attacks and the mundane nature of the cyber security are contributing to the cyber skills gap, the study warns.

EnterpriseTech:

You Might Also Read

How AI Will Solve The Skills Shortage:

Staff Training 'Not enough to stop most data breaches':

Difficult: Attracting Women To Cybersecurity:

 

 

« Snowden Helping To Protect Journalists
Cyber-Workforce Shortage to Increase »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ThaiCERT

ThaiCERT

ThaiCERT is the national Computer Security Incident Response Team (CSIRT) for Thailand.

Infiltrate

Infiltrate

INFILTRATE is a deep technical conference that focuses entirely on offensive security issues.

CyberGhost

CyberGhost

CyberGhost is a Virtual Private Network services provider offering secure encrypted access to the internet.

Endian

Endian

Endian’s mission is to provide a secure platform that connects distributed people and things, simplifying the digitalization of businesses.

DivvyCloud

DivvyCloud

DivvyCloud protects your cloud and container environments from misconfigurations, policy violations, threats, and IAM challenges.

Salvador Technologies

Salvador Technologies

Salvador Technologies provides the world’s fastest technology to recover from cyber-attacks.

Proximity

Proximity

Proximity is a leading professional services organisation providing consulting, legal and commercial advisory solutions with a focus on government and regulated industries.

Pillar Technology Partners

Pillar Technology Partners

Pillar Technology Partners is an Information Security Company with a focus on improving Cyber Risk and optimizing the processes and technology that underpin the security of your information assets.

The Cyber Guild

The Cyber Guild

The Cyber Guild is a not-for-profit organization working to improve the understanding and practice of cybersecurity, and to help raise awareness and education for all.

Censinet

Censinet

Censinet provides the first and only third-party risk management platform for healthcare organizations to manage the threats to patient care that exist within an expanding ecosystem.

CryptoNext Security

CryptoNext Security

CryptoNext provides optimal end-to-end post-quantum cybersecurity remediation tools and solutions for IT/OT infrastructures & applications.

OSP Cyber Academy

OSP Cyber Academy

OSP Cyber Academy are a managed service provider of cyber, information security and data protection training.

MAUSHIELD

MAUSHIELD

MAUSHIELD is the national platform for sharing cyber threat information and intelligence that can help organisations to improve their cybersecurity posture, minimize risks and prevent cyber-attacks.

ACDS (Advanced Cyber Defence Systems)

ACDS (Advanced Cyber Defence Systems)

ACDS was founded in the belief that cyber security can be done better. We’re combining emerging technologies and proven methods to bring a new approach to tackling the growing threat landscape.

Stack Overflow

Stack Overflow

Founded in 2008, Stack Overflow’s public platform is used by nearly everyone who codes to learn, share their knowledge, collaborate, and build their careers.

Cyberverse Foundation

Cyberverse Foundation

Cyberverse Foundation is an organization dedicated to building a robust cybersecurity ecosystem in India.