The Skills Shortage Presents A Looming Cyber Security Threat

The global IT security skills shortage has surpassed four million, according to (ISC)2.  In the United States alone, current estimates suggest a shortage of cyber security employees of 1.8 million by 2022.  Indeed, their recent survey of the job market for cyber security professionals reveals that most countries need significant increases and sustained improvements in their cyber security workforces.

The certifications organisation compiled its latest Cybersecurity Workforce Study from interviews with over 3200 security professionals around the world. The (ISC)2 data indicates a necessary cybersecurity workforce increase of 145%.

 The study provides  insights and strategies for building and growing strong cybersecurity teams as many organisations struggle with a proliferation of attacks by hackers.

The report estimated the current global workforce at 2.93 million, including 289,000 in the UK and 805,000 in the US.

  • The number of unfilled positions now stands at 4.07 million professionals, up from 2.93 million this time last year.
  • This includes 561,000 in North America and a staggering 2.6 million short-fall in APAC. 
  •  In the US market, the current cyber security workforce estimate is 804,700 and the shortage of skilled professionals is 498,480, requiring an increase of 62% to better defend US organisations. 
  • The shortage of skilled workers in the industry in Europe has soared by more than 100% over the same period, from 142,000 to 291,000.

To tackle the problem in the the US the Dept of Homeland Security (DHS) Science and Technology Directorate (S&T), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), has awarded $2 million to an initiative that will build a national network of cyber security technical institutes.

The aim of new US cybersecurity technical institutes is to shrink the cyber security workforce shortage. 

Referring to cyber security workforce needs, the report found that “the majority of US critical infrastructure is owned and operated by private companies, making its cybersecurity workforce vital.... Also, the Federal government depends heavily on its cyber security workforce, supplemented by contractors.”

(ISC)2 Report stresses the need to attract new workers from other professions, or recent graduates with tangential degrees, as well as seasoned professionals from consulting and contracting sectors.

Organisations should look to strengthen from within by cross-training existing IT professionals where appropriate. The biggest role needs in security teams are, in fact, not what we would traditionally classify as cybersecurity roles, they're cyber-enabled roles.

 A cyber-enabled employee should have an above-average understanding of cyber security, but does not need the breadth and depth of knowledge that a dedicated cybersecurity practitioner has.

Companies also need to invest in their workforce strategies and training. It's important to create, tailor, and deliver upskilling solutions to employers based on their unique workforce requirements and roles. That means a need for modular, skill-focused education that allows employees to acquire new knowledge in shorter amounts of time without sacrificing work productivity.

(ISC)2:       Infosecurity Magazine:      Dark Reading:        I-HLS:    

For a cost effective Cyber Audit and recommendations on  Cyber Security Training please contact Cyber Security Intelligence.

You Might Also Read: 

Critical Cyber Security Threats & Solutions For Business:

 

« Is AI The Future of Cyber Security?
Latest Cyber Attacks On Game-Makers »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Global Secure Solutions (GSS)

Global Secure Solutions (GSS)

Global Secure Solutions is an IT security and risk consulting firm and authorised ISO training partner for the PECB.

DataCore Software

DataCore Software

DataCore Software is a leader in Software-Defined Storage. Solutions offered include back up and disaster recovery.

SharkGate

SharkGate

SharGate provide a cloud-based website security solution to protect websites from being hacked.

Ionic Security

Ionic Security

Ionic provide a high-assurance data protection and control platform built on strong encryption, fine-grain control and contextual analytics.

Network Integrity Systems

Network Integrity Systems

Network Integrity Systems is a leader in network infrastructure security and offers solutions specifically developed for Government and Private Enterprise.

Veriato

Veriato

Veriato develops intelligent solutions that provide companies with visibility into the human behaviors and activities occurring within their network, making them more secure and productive.

Technology Law Alliance (TLA)

Technology Law Alliance (TLA)

Technology Law Alliance is a specialist IT law firm focussed on the fields of technology, outsourcing and e-commerce.

EuraTechnologies

EuraTechnologies

EuraTechnologies, the French incubator and accelerator, is a centre of excellence and innovation for startups and entrepreneurs with a focus on Digital, Data, Cybersecurity and IoT.

Haven Group

Haven Group

Haven Group and its companies are a cyber security one-stop-shop for our clients offering a full range of cyber security services to our clients in a unified and united way.

JupiterOne

JupiterOne

JupiterOne is the security product that is changing how organizations manage and secure their software defined assets.

Scholarly Networks Security Initiative (SNSI)

Scholarly Networks Security Initiative (SNSI)

SNSI brings together publishers and institutions to solve cyber-challenges threatening the integrity of the scientific record, scholarly systems and the safety of personal data.

Xalient

Xalient

Xalient is an IT consulting and managed services business, specialising in modern, software-defined networking, security and communications technologies.

Alpha Omega Integration

Alpha Omega Integration

Alpha Omega creates new possibilities through intelligent end-to-end mission-focused government IT solutions.

Infosec Institute

Infosec Institute

Infosec is a leading cybersecurity training company, we help IT and security professionals advance their careers with skills development and certifications.

Systems Engineering

Systems Engineering

Systems Engineering is a SOC 2, Type 2-certified IT strategy and managed technology services provider.

IDCARE

IDCARE

IDCARE is Australia and New Zealand’s national identity & cyber support service. Our service is the only one of its type in the world.