June 13, 2017 By Scott Koegler 2 min read

Another Way to Bridge the Cybersecurity Skills Gap

Terms such as cybersecurity, hacking and data breach have become part of everyday conversation for people who have little understanding of how those activities are accomplished. The devastating effects of cyber incidents have invaded public and private life, and protecting digital assets has become a critical priority for enterprises and governments. Still, according to CSO Online, 1 million cybersecurity jobs are currently unfilled, and the deficit will likely increase through 2021.

The talent pool for every position in the security sector, from chief information security officer (CISO) all the way to cyber analyst, is suffering from underpopulation. At what point would it make sense for one company to acquire another solely to conscript its existing talent?

The Best Talent Money Can Buy

Security professionals need resources and assistance to discover threats and take preventive actions. That often leads companies to enlist cybersecurity firms to supplement their internal staff. These providers assemble the talent and resources needed to serve their clients. They build a critical mass of security professionals and offer enticing work environments to prospective employees. The result is a company with a community of well-trained and experienced professionals working in environments dedicated to security.

Enterprises of all sizes across all industries are scrambling to fill their gaps in security to avoid becoming another headline. Smaller organizations may be able to find local candidates seeking experience to fill entry-level positions, and these hires may turn out to be superstars. Midsize companies may be able to compete financially for more seasoned professionals, but those candidates have the upper hand in this market and can name their own terms. Larger companies that have diversified and posses the requisite financial resources, however, have an option that’s unavailable to smaller organizations: acquiring a company to poach its cybersecurity talent.

A Long-Term Investment

According to Cybersecurity Ventures, spending on security will eclipse $1 trillion over the next five years and bring new entrants to the market, along with an active mergers and acquisition market. This should be of interest to enterprises struggling to secure their assets and build out their cyberdefense capabilities.

“Human capital has moved ahead of technology when we look at companies,” said Steve Morgan, founder and editor-in-chief at Cybersecurity Ventures. This makes acquiring a cybersecurity provider a viable consideration for larger organizations because it can bring much-needed expertise and facilitate a horizontal expansion that could even become a revenue source.

The talent shortage is expected to worsen over the next five years, and cybercriminals will find new ways to infiltrate enterprise systems. Long-term investment in talent and specialized resources by way of acquisition may be the best way for organizations to combat these trends.

More from CISO

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today