The Cyber Skills Shortage Is Not Getting Any Better

Uploaded on 2022-02-08 in JOBS-Training, FREE TO VIEW

As digital transformation drives the importance of cyber security to a company’s value proposition, cyber security managers continue to face big challenges in finding people with the right skills. 

According to a recent survey conducted by cyber security recruitment firm Stott amd May, in conjunction with Forgepoint Capital, internal skills continue to represent the single most significant barrier to strategy execution for 43% of cyber security leaders. Other key hurdles included budget (35%), technology (13%), and board-level buy-in (9%).

The research, entitled ‘Cyber Security in Focus’, provides insight into the thoughts and core priorities of a snapshot cohort of 55 security leaders and examined critical themes including the skills shortage, inhibitors to strategy execution as well as the business perception of cyber security functions. Respondents come  from Stott and May’s professional network across Europe, the Middle East and Africa (EMEA) and North America. The roles surveyed included Cyber Security Directors, Security Operations Directors, and VPs of Product Security, with 36% of the sample originating directly from the CISO community. 

Highlights from the survey include:

  • Security leaders continue to experience challenges sourcing experienced talent, with 73% highlighting it as an area of concern. Time-to-hire also remains a potent issue. 35% pointed to positions being left unfilled after a 12-week period.
  • Further evolution surrounding the working pattern of security professionals looks likely, with 73% of security leaders favoring a hybrid approach and an additional 22% going fully remote.
  • The significance of cyber security is becoming even more broadly recognized internally, as 80% of security leaders believe their business perceives the function as a ‘strategic priority’ – up from 54% last year.
  • 100% of the sample of cyber security leaders now either agree (38%) or strongly agree (62%) that their business feels the function plays a role in improving the overall value proposition to customers.
  • Concern is growing among 51% of respondents that cyber security investment is not keeping pace with the drive towards digital business.
  • 54% of hiring managers believe that salaries have increased more than 11% year on year, further highlighting the demand for talent.

The challenges posed by digital transformation and the sheer pace of agile software development are also culminating in the emergence of a new type of CISO: the engineering-centric CISO.

“A lot of digital transformation is inherently going to be driven by engineering and finding a CISO that can empower developers with knowledge, tooling, and experience will enable outcomes to be achieved faster and more securely.” according to William Lin of Forgepoint Capital,

Shifting security into the product development lifecycle is a central issue for CISOs. James Dolph, CISO at Guidewire Software commented  “... security is not and cannot be viewed as an add-on, it is not optional and should be part of the company’s value proposition.”

Stott And May:

You Might Also Read: 

The Cyber Skills Shortage & Training Gap - What Is The Solution?:
 

« Beware PowerPoint Files With Hidden Malware
Google & Facebook Will Have To Pay British Newspapers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Security Stronghold

Security Stronghold

Security Stronghold is focused on protecting computers from malicious programs like viruses, Trojans, spyware, adware, trackware, keyloggers and other kinds of online threats.

Indium Software

Indium Software

Indium Software is an Independent Software Testing Company offering software testing services (including security testing) and offshore Quality Assurance solutions.

BigID

BigID

BigID is redefining personal data protection and privacy. BigID software helps companies secure their customer data & satisfy privacy regulations like GDPR.

Proficio

Proficio

Proficio is a world-class Managed Security Service Provider providing managed detection and response solutions, 24×7 security monitoring and advanced data breach prevention services worldwide.

Innovative Solutions (IS)

Innovative Solutions (IS)

Innovative Solutions is a specialized professional services company delivering Information Security products and solutions for Saudi Arabia and the Gulf region.

Honeywell Process Solutions (HPS)

Honeywell Process Solutions (HPS)

Honeywell's Industrial Cyber Security Solutions help plants and critical infrastructure sectors defend the availability, reliability and safety of their industrial control systems.

TypingDNA

TypingDNA

TypingDNA uses AI to recognise people by the way they type on desktop keyboards and mobile devices.

US-Africa Cybersecurity Group (USAFCG)

US-Africa Cybersecurity Group (USAFCG)

USAFCG provides cybersecurity consulting services and delivers training programs for capacity building in Africa.

SolCyber

SolCyber

SolCyber, a Forgepoint company, is the first modern MSSP to deliver a curated stack of enterprise strength security tools and services that are accessible and affordable for any organization.

Mission Critical Partners (MCP)

Mission Critical Partners (MCP)

Mission Critical Partners is committed to delivering innovative solutions that help our clients enhance and evolve their critical-communications systems and operations.

CyberconIQ

CyberconIQ

CyberconIQ provide an integrated Human Defense Platform that reduces the probability and/or the cost of a cybersecurity breach by measurably improving our clients risk posture and compliance culture.

CYGNVS

CYGNVS

CYGNVS is a guided cyber crisis response platform providing anytime, anyplace access. A SaaS platform for cyber crisis management – a safe way to connect and control your response.

Coffee Cup Solutions

Coffee Cup Solutions

We offer a full spectrum of IT Services, from our UK based Helpdesk to IT Consultancy and Cyber Security. Our team has the skills and experience to develop, deliver and manage IT for your business.

Fingerprints

Fingerprints

Fingerprints is the world-leading biometrics company. Our solutions are found in millions of devices providing safe and convenient identification and authentication with a human touch.

Getvisibility

Getvisibility

Getvisibility enables customers to detect, classify and protect sensitive information increasing data security, governance, compliance and lowering the risk of losing valuable data.

Eleviant Tech (CTG Group)

Eleviant Tech (CTG Group)

Eleviant Tech (CTG Group) is a USA based digital transformation company with expertise in Mobile, Cloud, Web, IoT, AR, RPA, Cyberseurity and AI Technologies.