The Skills Shortage Presents A Looming Cyber Security Threat

The global IT security skills shortage has surpassed four million, according to (ISC)2.  In the United States alone, current estimates suggest a shortage of cyber security employees of 1.8 million by 2022.  Indeed, their recent survey of the job market for cyber security professionals reveals that most countries need significant increases and sustained improvements in their cyber security workforces.

The certifications organisation compiled its latest Cybersecurity Workforce Study from interviews with over 3200 security professionals around the world. The (ISC)2 data indicates a necessary cybersecurity workforce increase of 145%.

 The study provides  insights and strategies for building and growing strong cybersecurity teams as many organisations struggle with a proliferation of attacks by hackers.

The report estimated the current global workforce at 2.93 million, including 289,000 in the UK and 805,000 in the US.

  • The number of unfilled positions now stands at 4.07 million professionals, up from 2.93 million this time last year.
  • This includes 561,000 in North America and a staggering 2.6 million short-fall in APAC. 
  •  In the US market, the current cyber security workforce estimate is 804,700 and the shortage of skilled professionals is 498,480, requiring an increase of 62% to better defend US organisations. 
  • The shortage of skilled workers in the industry in Europe has soared by more than 100% over the same period, from 142,000 to 291,000.

To tackle the problem in the the US the Dept of Homeland Security (DHS) Science and Technology Directorate (S&T), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), has awarded $2 million to an initiative that will build a national network of cyber security technical institutes.

The aim of new US cybersecurity technical institutes is to shrink the cyber security workforce shortage. 

Referring to cyber security workforce needs, the report found that “the majority of US critical infrastructure is owned and operated by private companies, making its cybersecurity workforce vital.... Also, the Federal government depends heavily on its cyber security workforce, supplemented by contractors.”

(ISC)2 Report stresses the need to attract new workers from other professions, or recent graduates with tangential degrees, as well as seasoned professionals from consulting and contracting sectors.

Organisations should look to strengthen from within by cross-training existing IT professionals where appropriate. The biggest role needs in security teams are, in fact, not what we would traditionally classify as cybersecurity roles, they're cyber-enabled roles.

 A cyber-enabled employee should have an above-average understanding of cyber security, but does not need the breadth and depth of knowledge that a dedicated cybersecurity practitioner has.

Companies also need to invest in their workforce strategies and training. It's important to create, tailor, and deliver upskilling solutions to employers based on their unique workforce requirements and roles. That means a need for modular, skill-focused education that allows employees to acquire new knowledge in shorter amounts of time without sacrificing work productivity.

(ISC)2:       Infosecurity Magazine:      Dark Reading:        I-HLS:    

For a cost effective Cyber Audit and recommendations on  Cyber Security Training please contact Cyber Security Intelligence.

You Might Also Read: 

Critical Cyber Security Threats & Solutions For Business:

 

« Is AI The Future of Cyber Security?
Latest Cyber Attacks On Game-Makers »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Pervade Software

Pervade Software

Pervade Software is a global provider of dedicated compliance tracking software with monitoring & reporting capabilities.

ASU Online - Information Technology Program

ASU Online - Information Technology Program

The Information Technology program at ASU Online provides you with the expertise to design, select, implement and administer computer-based information solutions.

Malta Information Technology Agency (MITA)

Malta Information Technology Agency (MITA)

MITA is the central driver of Government Information and Communications Technology (ICT) policy, programmes and initiatives in Malta.

IoT Security Institute (IoTSI)

IoT Security Institute (IoTSI)

IoT Security Institute is an academic and industry body dedicated to providing frameworks and supporting educational services to assist in managing security within an Internet of Things eco-system.

Italtel

Italtel

Italtel is a multinational ICT company that combines networks and communications services with the ability to innovate and develop solutions for digital transformation.

River Loop Security

River Loop Security

River Loop Security specialize in solving complex cybersecurity challenges in the IoT and embedded devices space.

Cyolo

Cyolo

Cyolo’s Secure Access Service Edge (SASE) platform securely connects onsite and remote users to authorized assets, in the organizational network, cloud or IoT environments and even offline networks.

Atakama

Atakama

With Atakama, data remains encrypted until the very moment it is used, and the ability to decrypt is based on zero trust architecture.

Larsen & Toubro Infotech (LTI)

Larsen & Toubro Infotech (LTI)

LTI is a global technology consulting and digital solutions company with operations in 33 countries.

HarfangLab

HarfangLab

HarfangLab develops a hunting software to boost detection and neutralization of cyberattacks against companies endpoints.

Third Point Ventures

Third Point Ventures

Third Point brings deep technical expertise, a strong network of relationships, and decades of investing experience to add value to our partners throughout their journey from idea to IPO and beyond.

EkoCyber

EkoCyber

EkoCyber partner with businesses as a value-added MSSP to provide top-tier, trusted and transparent cyber security services at an affordable price point.

AUCloud

AUCloud

AUCloud is a leading Australian cyber security and secure cloud provider, specialising in supporting businesses and Governments with the latest cloud infrastructure.

Hacker School

Hacker School

Hacker School offers technology motivated training programs that provide Cyber Security Certifications and Courses.

AppSOC

AppSOC

AppSOC is a leader in Application Security Posture Management (ASPM) and Code-to-Cloud Vulnerability Management.

Secomea

Secomea

Secomea redefines manufacturing plant security by combining internationally recognized industry best practices as critical components of our robust cybersecurity strategy.