“Businesses vulnerable due to shortage of cyber talent” reports Intel Security in new industry study

There’s a serious talent shortage impacting the cyber security industry. That’s according to a new report just published by Intel Security in partnership with the Centre for Strategic and International Studies (CSIS). 82% of respondents to the global survey admit to a shortage of cyber security skills across their company, with 71% of respondents citing this shortage as being responsible for direct and measurable damage to organisations whose lack of talent makes them more desirable hacking targets.

The Hacking the Skills Shortage Report highlights that the demand for cyber security professionals is outpacing the supply of qualified workers, with highly technical skills the most in need across all those countries surveyed. Despite a quarter of respondents confirming their organisations had lost proprietary data as a result of this skills gap, there are no signs of this situation abating in the near-term. Respondents estimate an average of 15% of cyber security positions in their company will go unfilled by 2020.

Published by the Business Continuity Institute (BCI), the recent Cyber Resilience Report revealed that two-thirds of organisations have experienced a cyber security incident during the previous year, with 15% experiencing at least ten such episodes. This shows the cyber threat is very real and that organisations must take it seriously. That process starts by making sure resources are available to combat the threat.

Such is the level of the threat at present that cyber attacks and data breaches were identified as the top two concerns of business continuity professionals surveyed for the BCI’s latest Horizon Scan Report, which also identified the availability of talents/key skills as a Top Ten concern.

Analysis of four dimensions

The Hacking the Skills Shortage Report analyses four dimensions that comprise the cyber security talent shortage, which include:

*Cyber security spending: The size and growth of cyber security budgets reveals how countries and companies prioritise cyber security. Unsurprisingly, countries and industry sectors that spend more on cyber security are better placed to deal with the workforce skills shortage

*Education and training: Only 23% of respondents believe education programmes are preparing students to enter the industry. This report reveals non-traditional methods of practical learning, such as hands-on training, gaming and technology exercises and ‘hackathons’ may be a more effective way to acquire and grow cyber security skills. More than half of respondents believe that the cyber security skills shortage is worse than talent deficits in other IT professions, placing an emphasis on continuous education and training opportunities

*Employer dynamics: While salary is unsurprisingly the top motivating factor in recruitment, other incentives are important in recruiting and retaining top talent, such as training, growth opportunities and the reputation of the employer’s IT Department. Almost half of respondents cite lack of training or qualification sponsorship as common reasons for talent departure

*Government policies: More than three-quarters (76%) of respondents say their Governments are not investing enough in building cyber security talent. This shortage has become a prominent political issue as heads of state in the UK, the US, Israel and Australia have called for increased support for the cyber security workforce in the last year

Direct damage to companies

“A shortage of people with cyber security skills results in direct damage to companies, including the loss of proprietary data and IP,” said James Lewis, senior vice-president and director of the Strategic Technologies Program at CSIS. “This is a global problem. A majority of respondents in all countries surveyed could link their workforce shortage with damage to their organisation.”

Chris Young, senior vice-president and general manager of the Intel Security Group, added: “The security sector has talked at length about how to address the storm of hacks and breaches, but Government and the private sector haven’t brought enough urgency to solving the cyber security talent shortage. To address this workforce crisis, we need to foster new education models, accelerate the availability of training opportunities and deliver deeper automation such that talent is put to its best use on the front line.”

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts