Hacking the Skills Shortage

An insight into the international shortage in cybersecurity skills.

This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.

Every day, we read of yet another company being hacked. In many cases, attacks are outpacing defence. The global shortage of trained and qualified cybersecurity talent exacerbates the already challenging task of defending against the rapidly accelerating volume of sophisticated advanced threats. The shortfall remains a critical vulnerability for companies and nations, and impacts all industry sectors.

Conventional education and policies are unable to meet the increasing demand. New solutions are needed to build the cybersecurity workforce necessary in a networked world.

Four Dimensions of the Cybersecurity Workforce Shortage

Cybersecurity spending

It is estimated that the total global cybersecurity spend in the next four to five years will be more than US$100 billion. The biggest spenders and consumers of cybersecurity technology and services are the governments and the financial services industry, which are often prime targets for attackers. By investing heavily in cybersecurity, these two sectors are better equipped to deal with the workforce shortage issue and can help drive best practices for training and hiring.

The banking industry has been particularly active in increasing cybersecurity spending, reflecting its prominence as a target. In fact, banks are three times more likely to be targeted than non-financial institutions.

Education and training

Traditional academic institutions are the primary source of initial education and training for cybersecurity professionals, but non-traditional methods may be a better way to acquire and grow cybersecurity skills. Incorporating practical learning into academic programmes would better prepare cybersecurity professionals for the real world.

While a bachelor's degree is typically considered necessary to enter this field, cybersecurity-specific offerings in higher education are rare. Cybersecurity as an academic discipline or programme of study is often inaccessible to students.

Employer dynamics

Employers need more effective strategies and incentives to recruit and retain top cybersecurity talent. While salary is often the common motivating factor in recruitment, training, the reputation of the prospective employer's IT department, and potential for advancement matters as much in retaining the talent.

Companies need to be strategic in deciding what skills will be needed to combat future cybersecurity threats and how new technologies can offset workforce shortages. Recognising the need that many new professionals lack necessary skills and that even proficient workers will require continuous skill development and on-the-job training is crucial for the talent retention.

Government policies

Many countries have prioritised cybersecurity and are enacting legislation and national strategies, establishing coordinating bodies and cybersecurity agencies, and, in some cases, funding programmes to cultivate a larger cybersecurity workforce. The cybersecurity talent gap has become a prominent political issue, as the government across the world have called for increased support for the cybersecurity workforce in the past years.

1  2  Next Page