Most Cyber Security Teams Are Understaffed

Uploaded on 2021-05-19 in JOBS-Careers, FREE TO VIEW

The effects of the Cornonavirus  have rippled across the world, impacting workforces in nearly every sector, however, according to the findings of the 'State of Cybersecurity 2021' report from ISACA and HCL Technologies, the cyber security workforce has largely been unscathed, although the same challenges in hiring and retention continue at levels similar to years past. 
 
The results show that just 53 percent of the 3,600 information security professionals who participated in the survey say they had difficulty retaining talent last year during the pandemic. This is a four-percentage point decline from the year before, which may have been a side effect of uncertainty amidst Covid-19.   
 
In a climate where remote work became much more prevalent, those citing “limited remote work possibilities” as a reason for leaving their cyber security role saw a six-percentage point decline (45%) compared to the year before. 
 
Though the cyber security workforce was mainly spared the pandemic devastation experienced by other sectors, the survey found that long-standing issues persist, including:
 
  • 61% of respondents indicate that their cyber security teams are understaffed.
  • 55% say they have unfilled cyber security positions.
  • 50%t say their cyber security applicants are not well qualified.
  • Only 31% say HR regularly understands their cyber security hiring needs.
 
“Making a meaningful difference in addressing the persistent skills gaps in the cybersecurity workforce will require a collaborative and concerted effort between government, academia and industry,” says Renju Varghese, Fellow & Chief Architect at HCL Technologies. “Through strategic partnerships and outreach, we will be able to not only better prepare graduates coming out of university programs but also equip a wide range of candidates from non-traditional paths with the skills needed to succeed in a cyber security career.”
 
Despite the high demand for cyber security jobs, 50 percent of those surveyed generally do not believe that their applicants are well qualified. 
 
Additionally, only 27% of survey respondents say that recent graduates in cyber security are well-prepared, though 58%  indicate that they require a degree for entry-level cyber security positions. Respondents note that they also seek prior hands-on cybersecurity experience (95%), credentials (89%) and hands-on training (81%) when determining whether a candidate is qualified. 
 
The top three skills gaps they see in candidates are soft skills (56 percent), security controls (36 percent) and software development (33 percent), which organisations are addressing by:  
  • Training non-security staff who are interested in moving to security roles (43 percent)
  • Increasing usage of contract employees or outside contractors (37 percent)
  • Increasing use of re-skilling programs (23 percent)
  • Increasing use of performance-based training to build hands-on skill (22 percent)
  • Increasing reliance on AI/automation (22 percent)
 
These findings show that retention issues and increased cyber attacks are related. Sixty-eight percent of respondents who experienced more cyber attacks in the past report being somewhat or significantly understaffed. Sixty-three percent who experienced more cyber-attacks in the past indicated they have experienced difficulties retaining qualified cyber security professionals. 
 
ISACA:          Help Net Security    MorningStar:     
 
You Might Also Read: 
 
Hiring Good Cyber Security Professionals Is Hard Work:
 
 
« Russian Hackers Have Updated Their Techniques
Dutch Cyber Security Under Threat »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Pondurance

Pondurance

Pondurance is an IT Security and Compliance company providing services in Cyber Security, Continuity, Compliance and Threat Management.

Conscio Technologies

Conscio Technologies

Conscio Technologies is a specialist in IT security awareness. Our solutions allow you to easily manage innovative online IT awareness campaigns.

Texplained

Texplained

Texplained specializes in security audits of microchips to identify vulnerabilities and protect against invasive cyber attacks.

BMS Group

BMS Group

BMS is an independent, employee-owned specialist insurance broking group. Broking solutions include Cyber and Technology.

Axis Capital

Axis Capital

AXIS Insurance’s Professional Lines Division is a leading underwriter of technology/cyber coverage and other specialty products around the globe.

GreyCampus

GreyCampus

GreyCampus is a leading provider of training for working professionals in the areas of Project Management, Big Data, Data Science, Service Management, Quality Management and Information Security.

AdEPT Technology Group

AdEPT Technology Group

AdEPT are a managed services and telecommunications provider offering award-winning, proven and uncomplicated technical solutions for over 12,000 organisations across the UK.

Concourse Labs

Concourse Labs

Concourse Labs Security Guardrails continuously verify cloud infrastructure and workloads. Continuously assess clouds for security, resiliency, and regulatory compliance.

Cornami

Cornami

Cornami delivers real-time computing on encrypted data sets, which is vital for data privacy and cloud security.

PhishProtection

PhishProtection

We created Phish Protection to prevent all types of phishing including spear phishing protection and office 365 email protection for your small business.

Vertek

Vertek

Vertek is a leading provider of operations consulting, end-to-end business process outsourcing, business intelligence, software applications and managed cybersecurity solutions.

Leo CybSec

Leo CybSec

Leo CybSec unites a group of Cyber Security experts with 20+ years of collective expertise to help our clients realise and mitigate the cyber challenges and risks facing their business.

Texaport

Texaport

Texaport's vision is to be the trusted partner of choice for organisations seeking comprehensive IT management and cutting-edge security solutions.

CyberForceHQ

CyberForceHQ

CyberForce helps cyber security professionals take real-world tests, get ranked and get paid better. It's that simple.

Xcede

Xcede

Xcede are global technology recruitment specialists. We connect companies with exceptional professionals who empower growth.

CyRiSo

CyRiSo

CyRiSo is a cyber security consulting company with a focus on 'as-a-service' services for the most pressing challenges of cyber security.