The Cybersecurity Skills Shortage Threat and What Your Agency Can Do About It
Cybersecurity skills shortages are nothing new. But new research shows that they are creating recruiting chaos. CSO Online reports that 45% of organizations claim to have problematic shortage of cyber skills and 70% of organizations report the skills shortage has had a direct impact such as increased workload on existing staff, the need to hire and train junior employees, and that old problem of staff spending all their time reacting to emergency issues rather than strategic planning or training.
In separate research, DLT partner, McAfee, in collaboration with The Center for Strategic and International Studies, found that 82% of respondents in both the public and private sector report a shortage of cybersecurity skills and three out of four believe the government is not investing enough in cyber talent. High value skills in short supply include intrusion detection, secure software development, and attack mitigation. While hands-on experience and professional certifications are cited as the best ways to acquire cyber experience than a degree (even though most organizations insist on a bachelor’s degree as a baseline credential for cybersecurity work).
Hackers Target Short-Staffed Organizations
The continued skills shortage creates tangible risks to organizations, many report that they have already incurred damages as a result of this workforce gap. Respondents to the McAfee survey say their organizations, unable to maintain adequate cybersecurity staff, have been targeted by hackers who suspect a shortage of internal cybersecurity skills. One in four respondents say their organizations have lost proprietary data because of their cybersecurity skills gap.
Hackers Make Good Cyber Recruits
McAfee also reports that one in five survey respondents cite hacking competitions as among the most effective way to identify and develop skills. Gaming can help in this regard. The U.S. Department of Defense is stepping into this field and has produced CyberProtect, a game focused on resource management and countermeasure decision-making.
Closing the Gap in Cybersecurity Skills
Closing the gap in cybersecurity skills requires nations and organizations to develop critical technical skills, cultivate a larger and more diverse workforce, and reform education and training programs to include more hands-on learning, suggests McAfee.
The latter is a big deal. While employers may be wary of investing in expensive training programs that make employees more attractive in the talent marketplace, McAfee’s survey shows the absence of such training is often a significant factor in people’s decisions to seek alternative employment.
Cybersecurity as a Service?
Another option for resource-constrained agencies is to leave the security management to someone else. McAfee’s fully-managed security offering helps you manage your security strategy and operations 24/7. McAfee can help your organization quickly identify potential threats and cracks in your security infrastructure through close collaboration with a team of experts who live and breathe cybersecurity. In collaboration with your IT security team, we can ease day-to-day security operations and share best practices necessary to address compliance mandates, prepare for future security requirements, and control costs. Contact us to learn more.