Increasingly #cyber-related risks are threatening the core services of enterprises. Against this, the skills shortage has been identified as one of the major challenges that organisations face. Companies need to devise a strategy to build a strong resource pool to mitigate the threats
If one is pursuing a degree in #cybercrime and #cybersecurity he must not worry about his employment. Here’s why: A recent research conducted by information technology giant, Infosys says a majority of firms are facing a shortage of skilled workforce in the #cybersecurity industry. Market data corroborates the trend. In fact, the problem of skills shortage is increasing by every passing year.
The skills shortage is worsening for the third year since 2017 and has impacted nearly three quarters (74 percent) of organizations, according to the third annual global study of cybersecurity professionals by the Information Systems Security Association (#ISSA) and independent industry analyst firm Enterprise Strategy Group (#ESG).
What this means is while the cyber-related threats are on a rise, enterprises are exposed to more and more risks. And the situation could get worse if the matter is left unchecked.
What is more interesting to know is that the most acute skills shortages lie in the field of cloud security, application security and security analysis and investigations. These areas of expertise often are core to a company’s operations.
The situation has escalated to a higher degree because the evolution of cybersecurity has constantly led to new threats and new challenges, and cybersecurity teams are not able to tackle the evolving task at hand. For example, post the implementation of #GDPR, several firms are still grappling with the evolution and its compliance requirements.
If one is pursuing a degree in cybercrime and cybersecurity he must not worry about his employment. Here’s why: A recent research conducted by information technology giant, Infosys says a majority of firms are facing a shortage of skilled workforce in the cybersecurity industry. Market data corroborates the trend. In fact, the problem of skills shortage is increasing by every passing year.
The skills shortage is worsening for the third year since 2017 and has impacted nearly three quarters (74 percent) of organizations, according to the third annual global study of cybersecurity professionals by the Information Systems Security Association (ISSA) and independent industry analyst firm Enterprise Strategy Group (ESG).
What this means is while the cyber-related threats are on a rise, enterprises are exposed to more and more risks. And the situation could get worse if the matter is left unchecked.
What is more interesting to know is that the most acute skills shortages lie in the field of cloud security, application security and security analysis and investigations. These areas of expertise often are core to a company’s operations.
The situation has escalated to a higher degree because the evolution of cybersecurity has constantly led to new threats and new challenges, and cybersecurity teams are not able to tackle the evolving task at hand. For example, post the implementation of GDPR, several firms are still grappling with the evolution and its compliance requirements.
What this means is that cyber-related threats are constantly adding to the challenges of existing core functions of enterprises.
What needs to be done?
A Gartner Research predicts worldwide spending on Information Security will grow to US$124 bn by the end of 2019. However, it adds, cost of cybercrime will outpace the spending on cybersecurity by 16 times during the year to reach a whopping US$2.1 trillion.
In this context, Frost & Sullivan forecasts a shortfall of 1.5 million cybersecurity professionals by 2020. Supply of trained, skilled professionals lags the total demand.
Here are some ways to tackle the challenge of skills shortage:
1) Internal training & mentoring: Quite straight as it sounds, this is a key to constant skills upgrade! Organisations can select mentors and batch of students from within the existing workforce every quarter, every year to start internal training sessions. These will be effective in facing the immediate needs of the company.
Company management can also tie-up with educational institutions of repute to impart, self-funded or company-funded education. This will also infuse a sense of gratitude and loyalty among the employees.
2) Setting up your skilling and research center: Several organisations have set up their innovation labs across emerging centers around the world. Companies can involve outsourced cybersecurity experts to be a guest faculty at these innovation centers, where employees can be taught new-age threats on a regular basis.
3) Government and private sector alliance: Several government bodies and organisations are today working in groups and industry associations to address the skills gap. In this context, companies can join such groups for training purposes and awareness of threats. This will not only help them keep the employees updated but will also help them be a part of industry-wide training programmes and classes. Consider the case of India, where the IT industry body Nasscom, formed under the aegis of the government, works for the betterment of the sector. Companies operating in the IT/ITeS sectors are members of Nasscom.
The body also addresses the skills shortage through industry-led learning programmes, newsletters, etc. It also works along with the government and members to set up incubation centers and labs to address the challenges of the sector. The skills up-gradation programme is thus for the industry and is led by the industry.
4) Adopt technology & artificial intelligence: We all are aware that AI can perform the job of five different people at one particular time. Without getting into the debate of ‘AI is taking away our jobs’, it is now imperative that we work on a war footing and implement faster adoption of new-age technology and AI that can mitigate the risks. Technology adoption ensures that cybersecurity professionals and the internal defense mechanisms are working to reduce the threats. The use of AI can simply enhance our understanding of the risks.
Companies applying these methods and working towards skilling will surely benefit and avoid the unwanted consequences of a full-blown cybersecurity breach.