The Skills Shortage Presents A Looming Cyber Security Threat

The global IT security skills shortage has surpassed four million, according to (ISC)2.  In the United States alone, current estimates suggest a shortage of cyber security employees of 1.8 million by 2022.  Indeed, their recent survey of the job market for cyber security professionals reveals that most countries need significant increases and sustained improvements in their cyber security workforces.

The certifications organisation compiled its latest Cybersecurity Workforce Study from interviews with over 3200 security professionals around the world. The (ISC)2 data indicates a necessary cybersecurity workforce increase of 145%.

 The study provides  insights and strategies for building and growing strong cybersecurity teams as many organisations struggle with a proliferation of attacks by hackers.

The report estimated the current global workforce at 2.93 million, including 289,000 in the UK and 805,000 in the US.

  • The number of unfilled positions now stands at 4.07 million professionals, up from 2.93 million this time last year.
  • This includes 561,000 in North America and a staggering 2.6 million short-fall in APAC. 
  •  In the US market, the current cyber security workforce estimate is 804,700 and the shortage of skilled professionals is 498,480, requiring an increase of 62% to better defend US organisations. 
  • The shortage of skilled workers in the industry in Europe has soared by more than 100% over the same period, from 142,000 to 291,000.

To tackle the problem in the the US the Dept of Homeland Security (DHS) Science and Technology Directorate (S&T), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), has awarded $2 million to an initiative that will build a national network of cyber security technical institutes.

The aim of new US cybersecurity technical institutes is to shrink the cyber security workforce shortage. 

Referring to cyber security workforce needs, the report found that “the majority of US critical infrastructure is owned and operated by private companies, making its cybersecurity workforce vital.... Also, the Federal government depends heavily on its cyber security workforce, supplemented by contractors.”

(ISC)2 Report stresses the need to attract new workers from other professions, or recent graduates with tangential degrees, as well as seasoned professionals from consulting and contracting sectors.

Organisations should look to strengthen from within by cross-training existing IT professionals where appropriate. The biggest role needs in security teams are, in fact, not what we would traditionally classify as cybersecurity roles, they're cyber-enabled roles.

 A cyber-enabled employee should have an above-average understanding of cyber security, but does not need the breadth and depth of knowledge that a dedicated cybersecurity practitioner has.

Companies also need to invest in their workforce strategies and training. It's important to create, tailor, and deliver upskilling solutions to employers based on their unique workforce requirements and roles. That means a need for modular, skill-focused education that allows employees to acquire new knowledge in shorter amounts of time without sacrificing work productivity.

(ISC)2:       Infosecurity Magazine:      Dark Reading:        I-HLS:    

For a cost effective Cyber Audit and recommendations on  Cyber Security Training please contact Cyber Security Intelligence.

You Might Also Read: 

Critical Cyber Security Threats & Solutions For Business:

 

« Is AI The Future of Cyber Security?
Latest Cyber Attacks On Game-Makers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

FIRST Conference

FIRST Conference

Annual conference organised by the Forum of Incident Response and Security Teams (FIRST), a recognized global leader in computer incident response.

SecuriThings

SecuriThings

SecuriThings is a User and Entity Behavioral Analytics (UEBA) solution for IoT security.

Commissum

Commissum

Commissum specialise in information assurance and security testing services.

IDpendant

IDpendant

IDpendant offers a wide range of services, including authentication technology, client security products, single sign on systems, encryption solutions, card and mobile device management systems.

CryptoMill Cybersecurity Solutions

CryptoMill Cybersecurity Solutions

CryptoMill Cybersecurity Solutions provides advanced, innovative data security solutions for enterprises, professionals and individuals.

Guardian Data Destruction

Guardian Data Destruction

Guardian Data Destruction provides a comprehensive suite of onsite e-data destruction services.

6point6

6point6

6point6 is a technology consultancy with strong expertise in digital transformation, emerging technology and cyber security.

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI)

Blockchain Research Institute (BRI) is an independent, global think-tank. We bring together the world’s top global researchers to undertake ground-breaking research on blockchain technology.

Nominet

Nominet

Nominet's cyber division offers network detection and response services to governments and enterprises worldwide.

FraudLabs Pro

FraudLabs Pro

FraudLabs Pro detects fraud and helps merchants to reduce e-commerce chargebacks by identifying high risk transactions.

Alibaba Cloud

Alibaba Cloud

Alibaba Cloud is committed to safeguarding the cloud security for every business by leveraging a comprehensive suite of enterprise security services and products on the platform.

Anonomatic

Anonomatic

Anonomatic’s mission is to make data privacy secure, simple and cost effective. We are Data and Privacy Experts who are passionate about helping organizations solve PII compliance.

Otava

Otava

Otava is a global leader of secure, compliant hybrid cloud and IT solutions for service providers, channel partners and enterprise clients.

ANSSI Burkina Faso

ANSSI Burkina Faso

ANSSI is responsible for managing the security of information systems and cyberspace in Burkina Faso.

Airlock Digital

Airlock Digital

Airlock Digital was created after many years of experience in implementing whitelisting/ allowlisting solutions in Federal Government and various enterprises in Australia.

P3M Works

P3M Works

P3M Works delivers Cyber Security and Digital Transformation projects across both private and public sector clients.