Wanted: Cybersecurity skills.
Intel Security in partnership with the Center for Strategic and International Studies (CSIS), recently released a global report called, Hacking the Skills Shortage, outlining the talent shortage crisis affecting the cybersecurity industry across companies and nations. Eighty two percent of IT professionals said there is a shortage of people with cybersecurity skills.
What’s more, 71 percent of respondents said a shortage is “responsible for direct and measureable damage to organizations whose lack of talent makes them more desirable hacking targets,” according to a news release.
Companies can’t find enough skilled candidates to fill openings, despite higher salaries. In 2015, 209,000 cybersecurity jobs went unfilled in the U.S. Even though 1 in 4 respondents said their organizations have lost proprietary data as a result of the cybersecurity skills gap, there are no signs of this workforce dearth diminishing.
Those surveyed, “estimate an average of 15 percent of cybersecurity positions in their company will go unfilled by 2020.”
The need for a strong cybersecurity workforce is critical, experts say, especially with the rise in mobile and cloud computing and the growing turn toward the Internet of Things (IOT)— the multitude of devices connect to the Internet—as well as sophisticated cyberattacks and cyberterrorism worldwide.
“The security industry has talked at length about how to address the storm of hacks and breaches, but government and the private sector haven’t brought enough urgency to solving the cybersecurity talent shortage,” said Chris Young, senior vice president and general manager of Intel Security Group.
The Intel report analyzed four dimensions that make up the cybersecurity talent shortage:
- Cybersecurity Spending: Countries and industry sectors that spend more on cybersecurity are able to deal with the workforce shortage better, the report reveals.
- Education and Training: Only 23 percent of respondents say education programs are preparing students to enter the industry. According to the report, “non-traditional methods of practical learning, such as hands-on training, gaming and technology exercises and hackathons,” were more effective in increasing cybersecurity skills. “More than half of respondents believe that the cybersecurity skills shortage is worse than talent deficits in other IT professions, placing an emphasis on continuous education and training opportunities,” the report states.
- Employer Dynamics: While salary is the top motivating factor in recruitment, other incentives are important in recruiting and retaining top talent, such as training, growth opportunities and reputation of the employer’s IT department.
- Government Policies: About 76 percent of respondents say their governments “are not investing enough in building cybersecurity talent. This shortage has become a prominent political issue as heads of state in the U.S., U.K., Israel and Australia have in the last year called for increased support for the cybersecurity workforce.
The most frequent top three skills in demand: Intrusion detection, secure software development, and attack mitigation.
Some 500 IT decision-makers involved in cybersecurity in the public and private sectors were interviewed in May 2016 in the U.S., the U.K., France, Germany, Australia, Japan, Mexico, and Israel for the Intel report.
You can read the full report here.